Sebaou01

Members
  • Content count

    10
  • Joined

  • Last visit

Other information

  • Your configuration
    Lenovo T420 - Windows Seven
  • My languages
    French

  1. Hello, Any lead following these latest checks? What can I start now to identify the source of this problem, which is really annoying day to day? Thanks in advance for your help.
  2. Hello, Sorry, my case is a pain... I don't think I missed anything in all the operations requested; it's enough to make one despair. With DrWeb CureIt run in safe mode, only this was found: launchmyhelp.exe C:\Windows\SysWOW64 Win32.HLLC.Winatch Irréparable.Quarantaine. Kaspersky Virus Removal Tool, also run in safe mode (maybe it should have been run in standard mode?), did not find anything more. The ^^ problem is still there.
  3. Good evening, As expected, MRT found nothing. However, looking at the following thread on the forum, [Résolu] Double accent - Forums Zebulon.fr, I tried restarting in safe mode, and there the problem is not present. When switching back to normal Windows mode, the problem reappears. Can this help with the diagnosis? Thanks in advance.
  4. Mea culpa, you won't catch me again downloading software from the first site that comes along... The ^^ problem is present in all applications, from IE to FF and Word... In short, it is everywhere. What can I do now to try to solve it? Many thanks for the help provided.
  5. Good evening, I am starting to wonder whether the source of the problem is something other than a virus or other malware. The ESET report gives only this: D:\Documents\Download\Personnel\3D Block\SoftonicDownloader_pour_domination.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined And unfortunately the problem is still there...
  6. Hello, I switched to the French keyboards (Monaco, with the same problem) or (Swiss, but with a different keyboard layout), then to a QWERTY keyboard (basic UK English), removing the French keyboard and then adding it again to switch back to it, without success. The machine is fast, it is recent, and the main disk is an SSD. After running ComboFix, the problem is still there. There were a few messages related to the Symantec Real Time antivirus, which I more or less managed to disable for the run. Thanks for your perseverance with my case. Here is the report:
  7. Many thanks in any case for this assistance. Here are the three items requested. The problem itself is still present ~~ Here is the ZHPFix report:
     Rapport de ZHPFix 1.3.05 par Nicolas Coolman, Update du 09/10/2012
     Fichier d'export Registre :
     Run by venant at 19/10/2012 23:01:52
     Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
     Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com
     ========== Task ==========
     DELETED Task: DealPlyUpdate
     ========== Summary ==========
     1 : Task
     End of clean in 00mn 01s
     ========== Report File ==========
     C:\ZHP\ZHPFix[R1].txt - 19/10/2012 23:01:52 [422]
     Next, the SFT report: CJoint.com link BJtxjqDAx1y. Finally, the MBAM report: I had already installed MBAM, which had found a trojan on my machine.
     Malwarebytes Anti-Malware (Essai) 1.65.1.1000
     www.malwarebytes.org
     Version de la base de données: v2012.10.19.14
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     venant :: IBM-PBNRC21 [administrateur]
     Protection: Désactivé
     19/10/2012 23:18:42
     mbam-log-2012-10-19 (23-18-42).txt
     Type d'examen: Examen complet (C:\|D:\|)
     Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
     Options d'examen désactivées: P2P
     Elément(s) analysé(s): 418331
     Temps écoulé: 23 minute(s), 30 seconde(s)
     Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté)
     Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté)
     Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
     Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
     Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté)
     Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté)
     Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté)
     (fin)
  8. Unfortunately the problem is still present... ^^ Here is the ZHPDiag report: Report on Cjoint
  9. Good evening, Thank you for the help provided. Here are the two USBFix log files requested. First, the result of the USBFix "research":
C:\Windows\system32\svchost.exe (1972) C:\Windows\system32\svchost.exe (2012) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (2032) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (2068) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (2104) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe (2148) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe (2320) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (2508) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2568) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe (2628) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (2664) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (2752) C:\Windows\system32\svchost.exe (2792) C:\Program Files (x86)\C4ebreg\c4ebreg.exe (2860) c:\sdwork\issimsvc.exe (2884) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (2920) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe (2944) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (2968) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (3000) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe (3036) c:\notes\SUService.exe (1508) c:\notes\nsd.exe (2692) C:\Program Files (x86)\AT&T Network Client\netcfgsvr.exe (2276) C:\Program Files (x86)\AT&T Network Client\NetClientSvc.exe (2292) C:\Program Files (x86)\AT&T Network Client\NetLogSvc.exe (3076) C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe (3152) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (3188) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe (3260) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (3368) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe (3492) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (3512) C:\Windows\system32\wbem\unsecapp.exe (3892) C:\Windows\system32\svchost.exe (3996) C:\Windows\System32\rundll32.exe (4268) C:\Windows\system32\rundll32.exe (4308) 
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE (4340) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE (4372) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (4728) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (4896) C:\Windows\System32\igfxtray.exe (4424) C:\Windows\System32\hkcmd.exe (4512) C:\Windows\System32\igfxpers.exe (4176) C:\Windows\System32\TpShocks.exe (4652) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (5072) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (4388) C:\Program Files\Windows Sidebar\sidebar.exe (1616) C:\Windows\System32\StikyNot.exe (4260) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (4128) C:\Program Files (x86)\C4ebreg\isamtray.exe (464) C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe (4156) C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe (1632) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (1636) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (4624) C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe (4028) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1732) C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPcbt64.exe (1220) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe (5592) C:\Windows\SysWOW64\RunDll32.exe (5500) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe (6992) C:\Windows\system32\svchost.exe (3164) C:\Program Files\Internet Explorer\iexplore.exe (3712) C:\Program Files\Internet Explorer\iexplore.exe (6700) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_4_402_287_ActiveX.exe (3652) C:\Program Files\Internet Explorer\iexplore.exe (7040) C:\Program Files (x86)\AT&T Network Client\NetClient.exe (4304) C:\Program Files (x86)\AT&T Network Client\NetMsg.exe (6912) C:\Program Files (x86)\AT&T Network Client\SwiApiMux.exe (5632) C:\Program Files\Internet Explorer\iexplore.exe (1028) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (6744) c:\sdwork\issimgui.exe (7984) 
C:\Windows\system32\svchost.exe (9160) C:\Windows\system32\wbem\wmiprvse.exe (8848) C:\notes\nlnotes.exe (8344) C:\notes\ntaskldr.EXE (3772) C:\Program Files\Internet Explorer\iexplore.exe (5364) C:\UsbFix\Go.exe (7428) ################## | Files # Infected Folders | ################## | Registry | ################## | Mountpoints2 | ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) ################## | E.O.F | et le résultat après l'action "deletion" ############################## | UsbFix V 7.097 | [Deletion] User: venant (Administrator) # IBM-PBNRC21 Updated 02/09/2012 by El Desaparecido Started at 21:24:37 | 19/10/2012 Website: http://eldesaparecido.com Forum: SosVirus • Portail Suspicious file ? : http://eldesaparecido.com/upload.php Contact: [email protected] PC: LENOVO (4180AG8) (x64-based PC CPU: Intel® Core i5-2520M CPU @ 2.50GHz (2501) RAM -> [Total : 8075 | Free : 4606] BIOS: Default System BIOS BOOT: Normal boot OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) # Service Pack 1 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: Symantec Endpoint Protection [Enabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Fixed drive # 119 Gb (51 Mb free - 43%) [Local Disk] # NTFS ################## | Active Processes | C:\Windows\system32\csrss.exe (540) C:\Windows\system32\csrss.exe (636) C:\Windows\system32\wininit.exe (644) C:\Windows\system32\services.exe (696) C:\Windows\system32\lsass.exe (704) C:\Windows\system32\lsm.exe (716) C:\Windows\system32\winlogon.exe (740) C:\Windows\system32\svchost.exe (848) C:\Windows\system32\ibmpmsvc.exe (912) C:\Windows\system32\svchost.exe (968) C:\Windows\System32\svchost.exe (456) C:\Windows\System32\svchost.exe (568) C:\Windows\system32\svchost.exe (1108) C:\Program Files (x86)\Symantec\Symantec Endpoint 
Protection\Smc.exe (1212) C:\Windows\system32\svchost.exe (1336) C:\Windows\system32\WLANExt.exe (1452) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (1460) C:\Windows\system32\conhost.exe (1468) C:\Windows\system32\Dwm.exe (1588) C:\Windows\Explorer.EXE (1604) C:\Windows\System32\spoolsv.exe (1904) C:\Windows\system32\taskhost.exe (1912) C:\Windows\system32\svchost.exe (1972) C:\Windows\system32\svchost.exe (2012) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (2032) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (2068) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (2104) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe (2148) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe (2320) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (2508) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2568) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe (2628) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (2664) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (2752) C:\Windows\system32\svchost.exe (2792) C:\Program Files (x86)\C4ebreg\c4ebreg.exe (2860) c:\sdwork\issimsvc.exe (2884) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (2920) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe (2944) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (2968) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (3000) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe (3036) c:\notes\SUService.exe (1508) c:\notes\nsd.exe (2692) C:\Program Files (x86)\AT&T Network Client\netcfgsvr.exe (2276) C:\Program Files (x86)\AT&T Network Client\NetClientSvc.exe (2292) C:\Program Files (x86)\AT&T Network Client\NetLogSvc.exe (3076) C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe (3152) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (3188) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe (3260) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 
(3368) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe (3492) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (3512) C:\Windows\system32\wbem\unsecapp.exe (3892) C:\Windows\system32\svchost.exe (3996) C:\Windows\System32\rundll32.exe (4268) C:\Windows\system32\rundll32.exe (4308) C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE (4340) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE (4372) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (4728) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (4896) C:\Windows\System32\igfxtray.exe (4424) C:\Windows\System32\hkcmd.exe (4512) C:\Windows\System32\igfxpers.exe (4176) C:\Windows\System32\TpShocks.exe (4652) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (5072) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (4388) C:\Program Files\Windows Sidebar\sidebar.exe (1616) C:\Windows\System32\StikyNot.exe (4260) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (4128) C:\Program Files (x86)\C4ebreg\isamtray.exe (464) C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe (4156) C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe (1632) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (1636) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (4624) C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe (4028) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1732) C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPcbt64.exe (1220) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe (5592) C:\Windows\SysWOW64\RunDll32.exe (5500) C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe (6992) C:\Windows\system32\svchost.exe (3164) C:\Program Files\Internet Explorer\iexplore.exe (3712) C:\Program Files\Internet Explorer\iexplore.exe (6700) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_4_402_287_ActiveX.exe (3652) C:\Program Files\Internet Explorer\iexplore.exe (7040) C:\Program Files (x86)\AT&T 
Network Client\NetClient.exe (4304) C:\Program Files (x86)\AT&T Network Client\NetMsg.exe (6912) C:\Program Files (x86)\AT&T Network Client\SwiApiMux.exe (5632) C:\Program Files\Internet Explorer\iexplore.exe (1028) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (6744) c:\sdwork\issimgui.exe (7984) C:\Windows\system32\svchost.exe (9160) C:\Windows\system32\wbem\wmiprvse.exe (8848) C:\notes\nlnotes.exe (8344) C:\notes\ntaskldr.EXE (3772) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (7432) C:\Windows\splwow64.exe (1224) C:\Program Files\Internet Explorer\iexplore.exe (4044) C:\UsbFix\Go.exe (7940) ################## | Stopped processes | Stopped! C:\Windows\system32\ibmpmsvc.exe (912) Stopped! C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe (1212) Stopped! C:\Windows\system32\WLANExt.exe (1452) Stopped! C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (1460) Stopped! C:\Windows\System32\spoolsv.exe (1904) Stopped! C:\Windows\system32\taskhost.exe (1912) Stopped! C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (2032) Stopped! C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (2068) Stopped! C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (2104) Stopped! C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe (2148) Stopped! C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (2508) Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2568) Stopped! C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe (2628) Stopped! C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (2664) Stopped! C:\Program Files\Intel\WiFi\bin\EvtEng.exe (2752) Stopped! C:\Program Files (x86)\C4ebreg\c4ebreg.exe (2860) Stopped! c:\sdwork\issimsvc.exe (2884) Stopped! C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (2920) Stopped! C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe (2944) Stopped! C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (2968) Stopped! 
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (3000) Stopped! C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe (3036) Stopped! c:\notes\SUService.exe (1508) Stopped! c:\notes\nsd.exe (2692) Stopped! C:\Program Files (x86)\AT&T Network Client\netcfgsvr.exe (2276) Stopped! C:\Program Files (x86)\AT&T Network Client\NetClientSvc.exe (2292) Stopped! C:\Program Files (x86)\AT&T Network Client\NetLogSvc.exe (3076) Stopped! C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe (3152) Stopped! C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (3188) Stopped! C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe (3260) Stopped! C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (3368) Stopped! C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe (3492) Stopped! C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (3512) Stopped! C:\Windows\System32\rundll32.exe (4268) Stopped! C:\Windows\system32\rundll32.exe (4308) Stopped! C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE (4340) Stopped! C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE (4372) Stopped! C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (4728) Stopped! C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (4896) Stopped! C:\Windows\System32\igfxtray.exe (4424) Stopped! C:\Windows\System32\hkcmd.exe (4512) Stopped! C:\Windows\System32\igfxpers.exe (4176) Stopped! C:\Windows\System32\TpShocks.exe (4652) Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (5072) Stopped! C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (4388) Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (1616) Stopped! C:\Windows\System32\StikyNot.exe (4260) Stopped! C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (4128) Stopped! C:\Program Files (x86)\C4ebreg\isamtray.exe (464) Stopped! C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe (4156) Stopped! 
C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe (1632) Stopped! C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (1636) Stopped! C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (4624) Stopped! C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe (4028) Stopped! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1732) Stopped! C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPcbt64.exe (1220) Stopped! C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe (5592) Stopped! C:\Windows\SysWOW64\RunDll32.exe (5500) Stopped! C:\Program Files\Internet Explorer\iexplore.exe (3712) Stopped! C:\Program Files\Internet Explorer\iexplore.exe (6700) Stopped! C:\Windows\system32\Macromed\Flash\FlashUtil64_11_4_402_287_ActiveX.exe (3652) Stopped! C:\Program Files\Internet Explorer\iexplore.exe (7040) Stopped! C:\Program Files (x86)\AT&T Network Client\NetClient.exe (4304) Stopped! C:\Program Files (x86)\AT&T Network Client\NetMsg.exe (6912) Stopped! C:\Program Files (x86)\AT&T Network Client\SwiApiMux.exe (5632) Stopped! C:\Program Files (x86)\Internet Explorer\IELowutil.exe (6744) Stopped! c:\sdwork\issimgui.exe (7984) Stopped! C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (7432) Stopped! C:\Windows\splwow64.exe (1224) ################## | Files # Infected Folders | Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1105943368-1710301214-1692348533-1000 (!) Temporary files deleted. 
################## | Registry | ################## | Mountpoints2 | ################## | Listing | [19/10/2012 - 21:26:07 | SHD ] C:\$RECYCLE.BIN [07/05/2012 - 11:18:42 | | 26] C:\appname [18/10/2012 - 21:06:33 | RASD ] C:\Autorun.inf [15/07/2011 - 21:34:47 | D ] C:\Boot [20/11/2010 - 14:40:07 | RAS | 383786] C:\bootmgr [29/06/2010 - 09:39:33 | | 8192] C:\BOOTSECT.BAK [17/10/2012 - 22:20:58 | | 28783] C:\ComboFix.txt [12/09/2012 - 16:45:55 | | 3150] C:\cpsweb.log [14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings [06/08/2012 - 10:50:52 | D ] C:\Drivers [07/05/2012 - 11:17:30 | D ] C:\EFI [18/10/2012 - 22:25:27 | ASH | 6350622720] C:\hiberfil.sys [07/05/2012 - 14:22:08 | | 17181] C:\INSTALL.LOG [30/11/2010 - 21:47:08 | D ] C:\Intel [07/05/2012 - 11:18:44 | | 148480] C:\lai.exe [02/12/2006 - 05:37:14 | | 904704] C:\msdia80.dll [12/09/2012 - 17:14:04 | RD ] C:\MSOCache [17/10/2012 - 16:19:49 | D ] C:\notes [17/10/2012 - 16:08:42 | D ] C:\notes8bkp [16/10/2012 - 21:47:42 | D ] C:\Notes_Preferences_Backup [18/10/2012 - 22:25:35 | ASH | 8467496960] C:\pagefile.sys [14/07/2009 - 05:20:08 | D ] C:\PerfLogs [12/09/2012 - 09:17:41 | | 1048576] C:\PGPWDE00 [12/09/2012 - 09:17:41 | RASH | 1048576] C:\PGPWDE01 [12/09/2012 - 09:17:41 | RASH | 4194304] C:\PGPWDE02 [07/05/2012 - 11:38:42 | D ] C:\pnp [07/05/2012 - 11:18:43 | | 818] C:\pnp64.xml [14/09/2012 - 16:15:11 | D ] C:\Program Files [19/10/2012 - 20:13:24 | D ] C:\Program Files (x86) [18/10/2012 - 23:05:16 | D ] C:\ProgramData [06/08/2012 - 22:52:07 | D ] C:\Recovery [19/10/2012 - 11:26:56 | D ] C:\sdwork [07/05/2012 - 11:18:42 | | 202] C:\servers.ini [11/09/2012 - 14:05:36 | | 42] C:\setupisam.log [18/10/2012 - 22:25:59 | | 34124] C:\SUService.log [16/10/2012 - 22:28:57 | D ] C:\swd [19/10/2012 - 18:06:31 | SHD ] C:\System Volume Information [17/10/2012 - 11:05:19 | D ] C:\temp [07/05/2012 - 14:16:30 | D ] C:\tsm_images [19/10/2012 - 21:26:07 | D ] C:\UsbFix [19/10/2012 - 21:25:51 | A | 13057] C:\UsbFix.txt 
[29/06/2010 - 06:27:14 | D ] C:\Users [07/05/2012 - 11:38:43 | D ] C:\w764drive [17/10/2012 - 22:49:17 | D ] C:\Windows [07/08/2012 - 02:26:41 | D ] C:\Windows.old [26/09/2012 - 10:41:43 | | 16141] C:\YtriaInstall.log [18/10/2012 - 22:50:14 | D ] C:\ZHP ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_IBM-PBNRC21.zip http://eldesaparecido.com/upload.php Thank you for your contribution. ################## | E.O.F |
  10. Hello, For several days now my circumflex, tilde and diaeresis keys in particular have not been working properly: each character is doubled. After some research on similar symptoms, it seems that my PC may be infected. My antivirus, Symantec SEP, detects nothing. I am asking for help to confirm the source of this problem and, if it is indeed an infection of the machine, to help me clean it. Thank you in advance for your help. Here is the HijackThis log: