

EDITH
Good evening, I'm sorry, I have to close a topic; I didn't know it was impossible to have two. Thanks for your help.. Edith
-
Hello, I can't see my reply, so I'm writing again: the file name is indeed "iastor". I get an error message before each disconnection of my PC: "Windows doit redémarrer lanceur de processus serveur DCOM s'est terminé de façon inattendue".
-
-
If it helps, it is still the same message before my PC disconnects: "Windows doit maintenant redémarrer le lanceur de processus serveur DCOM s'est terminé de façon inattendue"; on reconnection, Norton still blocks intrusion attempts.
-
Hello, it is indeed the file "IASTOR", a mistake on my part..
-
Fichier iaStor.sys reçu le 2010.02.07 21:47:35 (UTC)
The analysis was run twice; the first time the PC crashed, thanks..
-
Affected area: C:/WINDOWS/SYSTEM32/drivers/jastor.sys
-
I get backdoor attacks on connection, blocked by Norton; my PC disconnects about every hour, and I get an error message before the disconnection that mentions "com".. that's all I can say, thanks..
-
Rapport de diagnostic Norton 360 Premier Edition. Rapport généré le: 07/02/2010 (20:57)
-
I can't manage to send you the Norton report; it says: backdoor tidser inf detected by virus scanner, manual removal required
-
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3701
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

07/02/2010 20:22:42
mbam-log-2010-02-07 (20-22-42).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 249273
Temps écoulé: 1 hour(s), 12 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Here is the report, thanks..
-
Logfile of random's system information tool 1.06 (written by random/random) Run by PAWLAK at 2010-02-07 17:34:06
Office\Office12\GrooveSystemServices.dll O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. 
- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- End of file - 11853 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Extension de garantie.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HDReg.job C:\Windows\tasks\Norton Security Scan for PAWLAK.job C:\Windows\tasks\User_Feed_Synchronization-{058B07B2-81C0-4E5C-910D-EDDF257ACF12}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.DLL [2009-08-22 107896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-30 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-23 857648] "RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 
232184] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-16 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-16 8478720] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-16 81920] "neuf_VOD"=C:\Program Files\neuf_VOD\neuf_VOD.exe [2007-09-26 389120] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000] "Tau Monitor"=C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe [2004-04-07 125440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-07-19 1120568] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2007-08-30 205480] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] C:\Users\PAWLAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE Outil de notification Live Search.lnk - C:\Users\PAWLAK\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableStatusMessages"=0 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-02-06 16:21:39 ----D---- C:\rsit 2010-02-05 22:37:20 ----D---- C:\Program Files\Trend Micro 2010-02-05 17:58:07 ----D---- C:\Program Files\Agnitum 2010-02-05 16:04:33 ----D---- C:\Program Files\Norton Security Scan 2010-02-05 
16:01:19 ----D---- C:\Windows\BDOSCAN8 2010-02-04 20:02:04 ----A---- C:\Windows\ntbtlog.txt 2010-02-04 15:01:43 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-02-04 14:59:51 ----D---- C:\Users\PAWLAK\AppData\Roaming\SUPERAntiSpyware.com 2010-02-04 14:59:51 ----D---- C:\Program Files\SUPERAntiSpyware 2010-02-04 14:56:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-02-04 14:41:47 ----D---- C:\Users\PAWLAK\AppData\Roaming\Yahoo! 2010-02-04 14:41:46 ----D---- C:\Program Files\Yahoo! 2010-02-04 14:41:23 ----D---- C:\Program Files\CCleaner 2010-02-03 22:49:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-03 21:44:16 ----D---- C:\Users\PAWLAK\AppData\Roaming\Malwarebytes 2010-02-03 21:44:09 ----D---- C:\ProgramData\Malwarebytes 2010-01-22 08:53:00 ----A---- C:\Windows\system32\mshtml.dll 2010-01-22 08:52:59 ----A---- C:\Windows\system32\ieframe.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\wininet.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\urlmon.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\occache.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\msfeeds.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\iertutil.dll 2010-01-22 08:52:58 ----A---- C:\Windows\system32\iedkcs32.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\msfeedssync.exe 2010-01-22 08:52:57 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\jsproxy.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\ieUnatt.exe 2010-01-22 08:52:57 ----A---- C:\Windows\system32\ieui.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\iesysprep.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\iesetup.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\iepeers.dll 2010-01-22 08:52:57 ----A---- C:\Windows\system32\ie4uinit.exe 2010-01-22 08:52:56 ----A---- C:\Windows\system32\iernonce.dll 2010-01-13 09:46:45 ----A---- C:\Windows\system32\t2embed.dll 2010-01-13 09:46:45 ----A---- 
C:\Windows\system32\fontsub.dll 2010-01-10 21:16:54 ----D---- C:\ProgramData\IncrediMail 2010-01-10 21:16:52 ----D---- C:\ProgramData\IM 2010-01-08 12:13:39 ----D---- C:\Program Files\Omega One ======List of files/folders modified in the last 1 months====== 2010-02-07 17:34:05 ----D---- C:\Windows\Temp 2010-02-07 17:30:59 ----D---- C:\Windows\Prefetch 2010-02-07 14:14:12 ----D---- C:\Windows\system32\drivers 2010-02-07 09:54:19 ----SHD---- C:\System Volume Information 2010-02-06 17:16:26 ----D---- C:\Windows\system32\catroot2 2010-02-05 22:37:20 ----RD---- C:\Program Files 2010-02-05 18:08:37 ----AD---- C:\Windows\System32 2010-02-05 18:06:04 ----D---- C:\Windows\system32\Tasks 2010-02-05 16:09:13 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-02-05 16:04:37 ----D---- C:\Windows\Tasks 2010-02-05 16:04:33 ----D---- C:\ProgramData\Norton 2010-02-05 16:04:32 ----D---- C:\ProgramData\Symantec 2010-02-05 16:04:28 ----D---- C:\Program Files\NortonInstaller 2010-02-05 16:01:21 ----SD---- C:\Windows\Downloaded Program Files 2010-02-05 16:01:19 ----D---- C:\Windows 2010-02-05 12:56:53 ----D---- C:\Users\PAWLAK\AppData\Roaming\uTorrent 2010-02-05 10:59:41 ----D---- C:\Windows\inf 2010-02-05 10:59:41 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-05 10:49:28 ----SHD---- C:\Windows\Installer 2010-02-05 10:49:25 ----SD---- C:\ProgramData\Microsoft 2010-02-05 10:49:24 ----D---- C:\Windows\system32\catroot 2010-02-04 22:23:11 ----HD---- C:\ProgramData 2010-02-04 19:51:21 ----D---- C:\Windows\system32\wbem 2010-02-04 19:50:08 ----D---- C:\Program Files\Common Files\InstallShield 2010-02-04 19:50:08 ----D---- C:\Program Files\Common Files\Adobe 2010-02-04 19:50:02 ----D---- C:\Windows\winsxs 2010-02-04 19:50:02 ----D---- C:\Windows\system32\spool 2010-02-04 19:50:02 ----D---- C:\Windows\system32\migration 2010-02-04 19:50:02 ----D---- C:\Windows\system32\CodeIntegrity 2010-02-04 19:50:01 ----D---- C:\Program Files\Windows Mail 2010-02-04 19:50:01 ----D---- 
C:\Program Files\Mozilla Firefox 2010-02-04 19:50:01 ----D---- C:\Program Files\Microsoft Works 2010-02-04 19:50:01 ----D---- C:\Program Files\Microsoft Silverlight 2010-02-04 19:50:01 ----D---- C:\Program Files\Messenger Plus! Live 2010-02-04 19:50:01 ----D---- C:\Program Files\Internet Explorer 2010-02-04 19:50:00 ----D---- C:\Windows\registration 2010-02-04 18:40:02 ----D---- C:\Windows\system32\config 2010-02-04 18:39:55 ----D---- C:\Windows\system32\Msdtc 2010-02-04 18:39:54 ----D---- C:\Program Files\Common Files 2010-02-04 14:46:48 ----D---- C:\Windows\Minidump 2010-02-04 14:46:48 ----D---- C:\Windows\Debug 2010-02-04 11:37:49 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-03 23:10:35 ----D---- C:\Windows\Performance 2010-02-03 19:46:29 ----D---- C:\Windows\LiveKernelReports 2010-02-01 20:08:20 ----SD---- C:\Users\PAWLAK\AppData\Roaming\Microsoft 2010-01-30 22:47:26 ----D---- C:\Program Files\Google 2010-01-26 22:46:02 ----D---- C:\ProgramData\Adobe 2010-01-17 09:24:10 ----D---- C:\ProgramData\Messenger Plus! 
2010-01-13 22:03:49 ----D---- C:\ProgramData\Microsoft Help ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632] R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-02-04 371248] R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100204.001\IDSvix86.sys [2009-10-28 343088] R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS [2009-08-22 308272] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.SYS [2009-08-22 43696] R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-08-22 25648] R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS [2009-08-22 217136] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-26 102448] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-09-09 26600] R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592] R3 NAVENG;NAVENG; 
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100206.035\NAVENG.SYS [2010-02-04 84912] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100206.035\NAVEX15.SYS [2010-02-04 1324720] R3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-30 2219520] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-16 7610784] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-09-11 124976] R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS [2009-08-22 89904] R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [2009-08-22 48688] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-23 182584] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-07-13 163328] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NETw3v32;Pilote de 
carte Intel® PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096] R2 N360;Norton 360; C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640] R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 135664] S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-18 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 
32\IDriverT.exe [2004-10-22 73728] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728] S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-02-01 394704] -----------------EOF----------------- je n'ai qu'un fichier, je n'ai pas info.txt, merci..
-
Hello, my Norton antivirus found a backdoor tidserf inf, which it cannot remove; my PC keeps getting disconnected, I no longer know what to do to get rid of it, thank you for helping me
-
Good evening, who can help me get rid of my virus, please?? thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:38:53, on 05/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\neuf_VOD\neuf_VOD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Agnitum\Tauscan 1.7\Taumon.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\PAWLAK\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\PAWLAK\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NC NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [neuf_VOD] C:\Program Files\neuf_VOD\neuf_VOD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Tau Monitor] C:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\PAWLAK\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1265110327972
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1265147500130
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25CD7FB-8389-4E63-B292-C0C513D8A724}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

-- End of file - 12024 bytes