virus dans mon ordinateur, demande d'aide!

[claire7]

Bonjour, après des pub intempestives s'ouvrant, un ralentissement très important de mon ordi, je voudrais de l'aide.

J'ai fait l'analyse avec combofix que je vous joins.

Si vous pouviez l'analyser et me dire ce qui cloche car je ne m'en sors vraiment pas toute seule.

Merci pour votre aide.

 

ComboFix 09-04-27.02 - art 27/04/2009 21:10.3 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.0.1252.33.1036.18.511.231 [GMT 2:00]

Lancé depuis: c:\documents and settings\art\Bureau\ComboFix.exe

.

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-27 au 2009-4-27 ))))))))))))))))))))))))))))))))))))

.

 

2009-04-26 16:52 . 2009-04-26 16:52 -------- d-----w c:\program files\eBay

2009-04-26 16:52 . 2009-04-26 16:52 -------- d-----w c:\documents and settings\All Users.WINDOWS\eBay

2009-04-25 07:58 . 2009-04-25 08:09 -------- d-----w C:\rsit

2009-04-23 21:09 . 2009-04-23 21:11 -------- d-----w c:\program files\CCleaner

2009-04-23 20:09 . 2009-04-23 20:13 -------- d-----w c:\program files\Spybot - Search & Destroy

2009-04-23 20:09 . 2009-04-24 08:39 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy

2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\documents and settings\art\Application Data\Malwarebytes

2009-04-23 08:07 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-04-23 08:07 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes

2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

2009-04-22 08:31 . 2009-04-22 08:31 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Avira

2009-04-22 08:31 . 2009-04-22 08:31 -------- d-----w c:\program files\Avira

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-27 17:39 . 2006-08-01 07:46 -------- d-----w c:\program files\OpenOffice.org1.1.4

2009-04-26 16:53 . 2004-07-16 12:00 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-24 11:59 . 2009-02-10 08:00 -------- d-----w c:\program files\Lettriq

2009-04-24 07:34 . 2007-04-21 07:48 -------- d-----w c:\program files\Google

2009-04-23 20:55 . 2004-07-17 15:43 -------- d-----w c:\program files\Common Files

2009-03-29 11:46 . 2006-07-26 20:14 70892 ----a-w c:\windows\system32\perfc00C.dat

2009-03-29 11:46 . 2006-07-26 20:14 426020 ----a-w c:\windows\system32\perfh00C.dat

2009-03-27 11:07 . 2009-03-27 11:07 -------- d-----w c:\program files\KeirNet

2009-03-20 13:23 . 2009-03-20 13:23 49152 ----a-r c:\windows\system32\inetwh32.dll

2009-03-20 13:23 . 2009-03-20 13:23 1044480 ----a-r c:\windows\system32\roboex32.dll

2009-03-09 18:46 . 2008-10-24 19:07 4212 ---h--w c:\windows\system32\zllictbl.dat

2009-02-20 12:49 . 2006-09-04 14:02 70384 ----a-w c:\documents and settings\art\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2008-10-24 13:03 . 2008-10-24 13:03 19804 ----a-w c:\program files\Fichiers communs\desadat.reg

2008-10-24 13:03 . 2008-10-24 13:03 13213 ----a-w c:\program files\Fichiers communs\eqajo.dl

2008-10-24 13:03 . 2008-10-24 13:03 12748 ----a-w c:\program files\Fichiers communs\ikan.db

2008-10-24 13:03 . 2008-10-24 13:03 12605 ----a-w c:\program files\Fichiers communs\hypu.reg

2008-10-23 16:54 . 2008-10-23 16:54 18417 ----a-w c:\program files\Fichiers communs\suwutojoz.com

2008-10-23 16:54 . 2008-10-23 16:54 17191 ----a-w c:\program files\Fichiers communs\syvuhupo.bat

2008-10-23 16:54 . 2008-10-23 16:54 12618 ----a-w c:\program files\Fichiers communs\duxi.dll

2008-10-23 16:54 . 2008-10-23 16:54 11952 ----a-w c:\program files\Fichiers communs\orusan.lib

2007-04-21 07:48 . 2007-04-21 07:48 69120 -csha-w c:\program files\Thumbs.db

2007-04-21 07:46 . 2007-04-21 07:46 14994144 ----a-w c:\program files\GoogleEarthWin_EARE.exe

2007-03-05 19:30 . 2007-03-05 19:29 7613870 ----a-w c:\program files\gimp-2.2.8-i586-setup.zip

2006-12-28 09:37 . 2006-12-28 09:36 539648 ----a-w c:\program files\ytb612_efgsip.exe

2006-10-04 08:44 . 2006-10-04 08:44 10462920 ----a-w c:\program files\XLVIEWER.EXE

2006-09-23 17:30 . 2006-09-23 17:30 4034727 ----a-w c:\program files\wjchess.exe

2005-05-27 13:44 . 2005-05-27 13:44 8709995 ----a-w c:\program files\instantphoto_setup.exe

2005-05-20 07:45 . 2005-05-20 07:45 2270016 ----a-w c:\program files\Belebele3.zip

2005-02-22 17:32 . 2005-02-22 17:32 8054797 ----a-w c:\program files\DesignWorkshop.exe

2004-07-16 12:17 . 2004-07-16 12:17 1412 ----a-w c:\program files\Tele2 ADSL.lnk

.

 

((((((((((((((((((((((((((((( SnapShot@2009-04-23_07.55.45 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_7c.dat

+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_5a4.dat

+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_4d4.dat

+ 2006-07-26 20:41 . 2001-08-28 12:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat

- 2006-07-26 20:48 . 2009-04-23 06:47 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2006-07-26 20:48 . 2009-04-26 08:42 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2006-07-26 20:48 . 2009-04-23 06:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat

+ 2006-07-26 20:48 . 2009-04-26 08:42 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat

- 2006-07-26 20:48 . 2009-04-23 06:47 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2006-07-26 20:48 . 2009-04-26 08:42 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2008-10-24 13:03 . 2008-10-24 13:03 19040 c:\windows\amugy.bat

+ 2009-04-26 16:53 . 2009-04-26 16:53 2494 c:\windows\Installer\{69640730-B830-4C24-BB5C-222DA1260548}\ARPPRODUCTICON.exe

+ 2006-07-26 22:27 . 2009-04-27 17:43 204318 c:\windows\system32\inetsrv\MetaBase.bin

+ 2008-10-24 20:46 . 2009-04-27 18:03 262144 c:\windows\system32\config\systemprofile\NtUser.dat

- 2008-10-24 20:46 . 2009-04-23 07:38 262144 c:\windows\system32\config\systemprofile\NtUser.dat

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2001-08-28 13312]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2001-08-02 1077277]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-10 136600]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-07-27 271672]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 185632]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2001-08-28 13312]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-08-17 439872]

 

c:\documents and settings\art\Menu D‚marrer\Programmes\D‚marrage\

ADILOOK Fran‡ais sur disque C.LNK - c:\coktel\ADI4\ADILOOK.EXE [1997-12-11 186880]

OpenOffice.org 1.1.4.lnk - c:\program files\OpenOffice.org1.1.4\program\quickstart.exe [2004-10-28 61440]

 

c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\

Adobe Gamma Loader.exe.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2004-7-16 98304]

Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2004-7-16 98304]

Hyperappel du Petit Larousse 2009.lnk - c:\program files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe [2009-1-26 237568]

Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2004-12-26 151552]

Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2004-12-26 106496]

 

R2 pr2aqb2l;Lettriq Drivers Auto Removal (pr2aqb2l); [x]

S0 avgntmgr;avgntmgr;c:\windows\SYSTEM32\DRIVERS\avgntmgr.sys [2008-01-21 22336]

S0 pe3aqb2l;Lettriq Environment Driver (pe3aqb2l);c:\windows\system32\drivers\pe3aqb2l.sys [2008-12-04 68720]

S0 pf2aqb2l;Lettriq File System Driver (pf2aqb2l);c:\windows\system32\drivers\pf2aqb2l.sys [2008-12-04 83568]

S1 aswSP;avast! Self Protection; [x]

S1 avgntdd;avgntdd;c:\windows\system32\DRIVERS\avgntdd.sys [2008-05-09 45376]

 

.

Contenu du dossier 'Tâches planifiées'

 

2009-04-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://home.neuf.fr/

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = about:blank

uInternet Settings,ProxyOverride = localhost

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: {{8354F0FE-550E-4E14-AFE1-E5CEF9009311}

IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm

DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} - hxxp://www.presslabo.com/importer/MypixUploader.cab

DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} - file://d:\content\include\XPPatchInstaller.CAB

DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} - file://d:\content\include\msSecUcd.cab

DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxp://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab

DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab

FF - ProfilePath - c:\documents and settings\art\Application Data\Mozilla\Firefox\Profiles\ehhbyd39.default\

FF - prefs.js: browser.startup.homepage - hxxp://tempsreel.nouvelobs.com/index.html

 

---- PARAMETRES FIREFOX ----

FF - user.js: yahoo.homepage.dontask - true.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-27 21:29

Windows 5.1.2600 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1757981266-706699826-725345543-1006\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(648)

c:\windows\system32\ODBC32.dll

c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

 

- - - - - - - > 'lsass.exe'(704)

c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

c:\windows\System32\dssenh.dll

 

- - - - - - - > 'explorer.exe'(2276)

c:\windows\System32\msi.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

c:\windows\system32\WS2_32.dll

c:\windows\system32\WS2HELP.dll

.

Heure de fin: 2009-04-27 21:31

ComboFix-quarantined-files.txt 2009-04-27 19:29

ComboFix2.txt 2009-04-27 18:30

ComboFix3.txt 2009-04-23 07:57

 

Avant-CF: 61 658 177 536 octets libres

Après-CF: 61 655 040 000 octets libres

 

166

[claire7]

Un petit up, en espérant que quelqu'un pourra m'aider !

Ci-dessus, le résultat de l'analyse combofix.

[Thanos]

salut

 

J'analyse ton rapport et te laisse une réponse...

[Thanos]

claire7, il y a certains outils de désinfection dont il faut se méfier car ils sont très puissants (ComboFix en fait partie!). Mal utilisés, ils peuvent faire plus de mal qu'autre chose: n'hésite pas à venir demander conseil avant de désinfecter

 

On va continuer comme ceci =>

 

Poste moi le rapport nommé ComboFix-quarantined-files.txt qui se trouve dans le dossier Qoobox.

Ce dossier tu le trouveras dans le répertoire C:\

 

- J'aimerai stp que tu fasses analyser un fichier pour lequel je n'ai aucune info >

 

Rend toi à cette adresse => http://www.virustotal.com/

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> copie/colle ceci dans le champs à droite de "Nom du Fichier" en bas de page >> c:\program files\Fichiers communs\duxi.dll

 

Clique maintenant sur "ouvrir" en bas de la fenêtre puis sur "Envoyer le fichier". Le scan de ce fichier va débuter. Tu n'as plus qu'à sélectionner puis copier /coller l'analyse dans ton prochain message.

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ca prendra pour faire analyser)

 

Note: il arrive parfois que le fichier ait déjà été analysé. Si c'est le cas, clique sur le bouton Reanalyse file now

Fais de même avec ce fichier => c:\program files\Fichiers communs\suwutojoz.com

 

- Tu as désinstallé Avast ? il y a des restes! Utilise ce programme pour finir le nettoyage =>

 

Télécharge aswClear.exe sur le bureau.

Exécute l'utilitaire téléchargé

Clique sur Uninstall

Redémarre l'ordinateur.

 

- Fais ce scan stp =>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit
  

 

Poste les rapports demandés stp

 

Edit: hi Marie

Modifié le 28 avril 2009 par Thanos

[claire7]

Bonjour merci pour ton aide, j'espère arriver à faire tout ce que tu me demandes.

 

Je te tiens au courant des résultats et te les poste.

[claire7]

voici le fichier demandé :

ComboFix-quarantined-files.txt

 

2009-04-23 07:56:26 . 2009-04-23 07:56:26 183 ----a-w C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-yaiwoqm.reg.dat

2009-04-23 07:56:26 . 2009-04-23 07:56:26 150 ----a-w C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-Widget Neuf.reg.dat

2009-04-23 07:53:37 . 2009-04-27 19:27:11 7,456 ----a-w C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

2009-04-23 07:37:01 . 2009-04-27 19:10:19 162 ----a-w C:\Qoobox\Quarantine\catchme.log

2009-04-18 09:27:46 . 2009-04-23 07:52:53 1,591 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm_navps.dat.vir

2009-04-18 09:27:46 . 2009-04-18 09:27:44 354,107 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm_nav.dat.vir

2009-04-18 09:27:46 . 2009-04-23 07:52:45 3,255 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm.dat.vir

2009-04-18 09:27:45 . 2009-04-18 09:27:45 269,824 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm.exe.vir

2008-10-24 13:03:22 . 2008-10-24 13:03:22 18,780 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\abisude.exe.vir

2008-10-24 13:02:51 . 2008-10-24 20:45:12 1,604 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk.vir

2008-10-24 13:02:51 . 2008-10-24 13:02:51 1,592 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk.vir

2008-10-23 16:54:23 . 2008-10-23 16:54:23 17,764 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\kynun.com.vir

2008-10-23 16:54:23 . 2008-10-23 16:54:23 11,220 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\ivyhy.reg.vir

2008-10-23 16:54:22 . 2008-10-23 16:54:22 17,494 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\tijupyqi.inf.vir

2008-10-23 16:54:15 . 2006-12-21 23:07:56 86,070 ----a-w C:\Qoobox\Quarantine\C\Program Files\XP_AntiSpyware\pthreadVC2.dll.vir

2006-07-26 23:15:42 . 2001-11-05 00:49:14 69,632 -c--a-w C:\Qoobox\Quarantine\C\WINDOWS\Pp.exe.vir

2004-07-22 15:15:43 . 2004-07-22 15:15:43 1,024 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\History\search.vir

2004-07-22 15:11:29 . 2004-07-22 15:11:29 78 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.dat.vir

2004-07-22 15:11:29 . 2004-07-22 15:11:29 522 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.htm.vir

2004-07-22 15:11:14 . 2004-07-22 15:11:14 16 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\s_pid.dat.vir

2004-07-16 12:07:18 . 2004-07-16 12:07:18 8,192 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\dubois\Cookies\MM2048.DAT.vir

2004-07-16 12:07:18 . 2004-07-16 12:07:18 8,192 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\dubois\Cookies\MM256.DAT.vir

[claire7]

Analyse due c:\program files\Fichiers communs\duxi.dll

Fichier duxi.dll reçu le 2009.04.29 14:28:32 (CET)

Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/40 (0%)

 

Antivirus Version Dernière mise à jour Résultat

a-squared 4.0.0.101 2009.04.29 -

AhnLab-V3 5.0.0.2 2009.04.29 -

AntiVir 7.9.0.156 2009.04.29 -

Antiy-AVL 2.0.3.1 2009.04.29 -

Authentium 5.1.2.4 2009.04.29 -

Avast 4.8.1335.0 2009.04.28 -

AVG 8.5.0.287 2009.04.29 -

BitDefender 7.2 2009.04.29 -

CAT-QuickHeal 10.00 2009.04.29 -

ClamAV 0.94.1 2009.04.29 -

Comodo 1141 2009.04.29 -

DrWeb 4.44.0.09170 2009.04.29 -

eSafe 7.0.17.0 2009.04.27 -

eTrust-Vet 31.6.6482 2009.04.29 -

F-Prot 4.4.4.56 2009.04.29 -

F-Secure 8.0.14470.0 2009.04.29 -

Fortinet 3.117.0.0 2009.04.29 -

GData 19 2009.04.29 -

Ikarus T3.1.1.49.0 2009.04.29 -

K7AntiVirus 7.10.719 2009.04.29 -

Kaspersky 7.0.0.125 2009.04.29 -

McAfee 5599 2009.04.28 -

McAfee+Artemis 5599 2009.04.28 -

McAfee-GW-Edition 6.7.6 2009.04.29 -

Microsoft 1.4602 2009.04.29 -

NOD32 4042 2009.04.29 -

Norman 6.00.06 2009.04.28 -

nProtect 2009.1.8.0 2009.04.29 -

Panda 10.0.0.14 2009.04.28 -

PCTools 4.4.2.0 2009.04.29 -

Prevx1 3.0 2009.04.29 -

Rising 21.27.22.00 2009.04.29 -

Sophos 4.41.0 2009.04.29 -

Sunbelt 3.2.1858.2 2009.04.28 -

Symantec 1.4.4.12 2009.04.29 -

TheHacker 6.3.4.1.317 2009.04.29 -

TrendMicro 8.950.0.1092 2009.04.29 -

VBA32 3.12.10.3 2009.04.29 -

ViRobot 2009.4.29.1715 2009.04.29 -

VirusBuster 4.6.5.0 2009.04.28 -

Information additionnelle

File size: 12618 bytes

MD5...: 66077861039f786f098ae4e21bedded9

SHA1..: b34da44cb45cf40598a2c9e5677bfded01080537

SHA256: fca88b57568e75955f33e701f12c69cf42ce0c70d48e4dd074b032e747b09141

SHA512: 0e0f7c1879fab1d304dc5a880ed4903257708411f6f7ff45111b2762ff02d6d2

06c272418f5c0c57120127dc93a1e55f067bb06a045661544be3f962331b1475

ssdeep: 192:IesmknaEGTA6BDWuhY8oTdUmmocXzC6CD42Xgboy0fMjqCWOe551SmHWQrJh

es4d:pkvElxCTdUkcXzpFinVf83W9HWoJHs

PEiD..: -

TrID..: File type identification

MPEG Video (100.0%)

PEInfo: -

PDFiD.: -

RDS...: NSRL Reference Data Set

-

[claire7]

Analyse de c:\program files\Fichiers communs\suwutojoz.com

Fichier suwutojoz.com reçu le 2009.04.29 14:40:10 (CET)

Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/40 (0%)

 

Antivirus Version Dernière mise à jour Résultat

a-squared 4.0.0.101 2009.04.29 -

AhnLab-V3 5.0.0.2 2009.04.29 -

AntiVir 7.9.0.156 2009.04.29 -

Antiy-AVL 2.0.3.1 2009.04.29 -

Authentium 5.1.2.4 2009.04.29 -

Avast 4.8.1335.0 2009.04.28 -

AVG 8.5.0.287 2009.04.29 -

BitDefender 7.2 2009.04.29 -

CAT-QuickHeal 10.00 2009.04.29 -

ClamAV 0.94.1 2009.04.29 -

Comodo 1141 2009.04.29 -

DrWeb 4.44.0.09170 2009.04.29 -

eSafe 7.0.17.0 2009.04.27 -

eTrust-Vet 31.6.6482 2009.04.29 -

F-Prot 4.4.4.56 2009.04.29 -

F-Secure 8.0.14470.0 2009.04.29 -

Fortinet 3.117.0.0 2009.04.29 -

GData 19 2009.04.29 -

Ikarus T3.1.1.49.0 2009.04.29 -

K7AntiVirus 7.10.719 2009.04.29 -

Kaspersky 7.0.0.125 2009.04.29 -

McAfee 5599 2009.04.28 -

McAfee+Artemis 5599 2009.04.28 -

McAfee-GW-Edition 6.7.6 2009.04.29 -

Microsoft 1.4602 2009.04.29 -

NOD32 4042 2009.04.29 -

Norman 6.00.06 2009.04.28 -

nProtect 2009.1.8.0 2009.04.29 -

Panda 10.0.0.14 2009.04.28 -

PCTools 4.4.2.0 2009.04.29 -

Prevx1 3.0 2009.04.29 -

Rising 21.27.22.00 2009.04.29 -

Sophos 4.41.0 2009.04.29 -

Sunbelt 3.2.1858.2 2009.04.28 -

Symantec 1.4.4.12 2009.04.29 -

TheHacker 6.3.4.1.317 2009.04.29 -

TrendMicro 8.950.0.1092 2009.04.29 -

VBA32 3.12.10.3 2009.04.29 -

ViRobot 2009.4.29.1715 2009.04.29 -

VirusBuster 4.6.5.0 2009.04.28 -

Information additionnelle

File size: 18417 bytes

MD5...: 3a51857fa8b4a1d7fc6163a716fb7bf6

SHA1..: 95b386d5404721f5fcaae734ebcfe4d6b3f6043f

SHA256: e3ed975c5db1819a63a7cebe53d2941b96517c60d4a46ee7b34d5c2356d270d2

SHA512: 98c93775ea7f1b8f3940625bf99f251c66006e31ee1234181844402d2b10f29c

58d290ae880b49f72b37210efa384d38e4f1941e67d3f5a342ccfe83a79eb346

ssdeep: 384:Q9qaAwblgzLU8FZqq45arWRRc2XAKFuCGtwl7s7VYERr:OqaxizI8p4oWR3A

KGtwlQdRr

PEiD..: -

TrID..: File type identification

Unknown!

PEInfo: -

PDFiD.: -

RDS...: NSRL Reference Data Set

-

[claire7]

info.txt logfile of random's system information tool 1.06 2009-04-29 22:34:48

 

======Uninstall list======

 

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe

Adobe Illustrator 9.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Illustrator 9.0\Uninst.isu" -c"C:\Program Files\Adobe\Illustrator 9.0\Uninst.dll"

Adobe Photoshop 6.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"

Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}

Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Au Pays Des Jouets-->D:\setup.exe -funinst.ins

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]-->C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe

Encyclopédie Microsoft Encarta 98-->RunDll32 C:\PROGRA~1\MICROS~4\ENCYCL~1\UNENC98.DLL,Uninstall C:\PROGRA~1\MICROS~4\ENCYCL~1\SETUP98F\INST98F.LOG

EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst

EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall

EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27F650A9-6FAB-41C8-8621-92FF0118B0C4}\SETUP.EXE" -l0x40c UNINST

EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST

EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst

EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst

EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything

EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x40c Uninstall

EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything

ESPRX420 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\REF_G\DOCUNINS.EXE

ESPRX420 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESPRX420\PQU_G\DOCUNINS.EXE

Favorit-->"c:\documents and settings\art\local settings\application data\yaiwoqm.exe" -uninstall

Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

InfraRecorder-->C:\Program Files\InfraRecorder\uninstall.exe

IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

iTunes-->MsiExec.exe /I{ABCE1C63-56ED-41FF-BEAF-57321F70DC49}

Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Lettriq-->"C:\Program Files\Lettriq\unins000.exe"

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}

Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe

PDFCreator 0.8.0-->C:\Program Files\PDFCreator\unins000.exe

Petit Larousse 2009-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{422FADA9-FED2-41D7-B5FA-472BB98B7784}\Setup.exe" -l0x40c

PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"

PhotoImpression 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\SETUP.EXE" -l0x40c

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Picture Package-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL

PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything

Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\System32\NVNFINST.DLL,NvUninstallCrush

PM100 Guide d'utilisation-->C:\Program Files\EPSON\TPMANUAL\PM100\REF_G\DOCUNINS.EXE

Prassi PrimoCD Plus 2.0 (French)-->C:\WINDOWS\Unin.exe /U:C:\Program Files\Prassi PrimoCD Plus 2.0 (French)\Unin01.in

QuickTime for Windows (32-bit)-->C:\WINDOWS\QTW32DEL.EXE

QuickTime-->MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}

RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG

Scooby-Doo, Panique dans la Ville fantôme-->C:\Program Files\Mindscape\Scooby-Doo, Panique dans la Ville fantôme\uninstal.exe

Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" UNINSTALL

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

The GIMP 2.2.8-->"C:\Program Files\GIMP-2.0\unins000.exe"

Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}

Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"

Windows XP Hotfix (SP1) [see Q312370 for more information]-->C:\WINDOWS\$NtUninstallQ312370$\spuninst\spuninst.exe

WJChess2D-->C:\PROGRA~1\JeffProd\WJCHES~1\UNWISE.EXE C:\PROGRA~1\JeffProd\WJCHES~1\INSTALL.LOG

 

======Hosts File======

 

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

 

======System event log======

 

Computer Name: LOULOU

Event Code: 26

Message: Application popup :  : Machine Check:

 

Record Number: 12705

Source Name: Application Popup

Time Written: 20090323183654.000000+060

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 26

Message: Application popup :  : Machine Check: Regs

 

Record Number: 12704

Source Name: Application Popup

Time Written: 20090323183653.000000+060

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 26

Message: Application popup :  : Machine Check:

 

Record Number: 12703

Source Name: Application Popup

Time Written: 20090323183653.000000+060

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 6005

Message: Le service d'Enregistrement d'événement a démarré.

 

Record Number: 12702

Source Name: EventLog

Time Written: 20090323183648.000000+060

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 6009

Message: Microsoft ® Windows ® 5.01. 2600 Uniprocessor Free.

 

Record Number: 12701

Source Name: EventLog

Time Written: 20090323183648.000000+060

Event Type: Informations

User:

 

=====Application event log=====

 

Computer Name: LOULOU

Event Code: 105

Message: The service was started.

 

Record Number: 7432

Source Name: ATI Smart

Time Written: 20080517071136.000000+120

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 2001

Message: Le service EAPOL a été démarré correctement

 

Record Number: 7431

Source Name: EAPOL

Time Written: 20080517071136.000000+120

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 0

Message:

Record Number: 7430

Source Name: iPod Service

Time Written: 20080511100125.000000+120

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 2018

Message: L'agent d'extension du journal des événements SNMP est en cours de démarrage.

 

Record Number: 7429

Source Name: EvntAgnt

Time Written: 20080511100115.000000+120

Event Type: Informations

User:

 

Computer Name: LOULOU

Event Code: 32068

Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.

Code de pays/région : '*'

Indicatif régional : '*'

 

Record Number: 7428

Source Name: Microsoft Fax

Time Written: 20080511100114.000000+120

Event Type: Avertissement

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem

"windir"=%SystemRoot%

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=0a00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip

"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

 

-----------------EOF-----------------

 

 

Et voici le log.text, maintenant j'espère que tout cela vous aidera!

Merci pour votre aide.

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by art at 2009-04-29 22:34:40

Microsoft Windows XP Professionnel

System drive C: has 59 GB (50%) free of 117 GB

Total RAM: 511 MB (26% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:34:48, on 29/04/2009

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\System32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Documents and Settings\art\Bureau\RSIT.exe

C:\Program Files\trend micro\art.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: ADILOOK Français sur disque C.LNK = C:\coktel\ADI4\ADILOOK.EXE

O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe

O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

O9 - Extra button: (no name) - {8354F0FE-550E-4E14-AFE1-E5CEF9009311} - (no file)

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.presslabo.com/importer/MypixUploader.cab

O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://D:\content\include\XPPatchInstaller.CAB

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218373717071

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab

O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://D:\Content\include\msSecUcd.cab

O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurate...countHelper.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lettriq Drivers Auto Removal (pr2aqb2l) (pr2aqb2l) - Vocabelum Inc - C:\WINDOWS\system32\pr2aqb2l.exe

 

--

End of file - 7780 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2003-09-18 848144]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-27 271672]

"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-13 185632]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2001-08-28 13312]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2001-08-02 1077277]

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

 

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage

Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

Hyperappel du Petit Larousse 2009.lnk - C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe

Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

 

C:\Documents and Settings\art\Menu Démarrer\Programmes\Démarrage

ADILOOK Français sur disque C.LNK - C:\coktel\ADI4\ADILOOK.EXE

OpenOffice.org 1.1.4.lnk - C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======List of files/folders created in the last 1 months======

 

2009-04-29 19:59:29 ----SHD---- C:\RECYCLER

2009-04-29 09:32:46 ----A---- C:\WINDOWS\System32\javaws.exe

2009-04-29 09:32:46 ----A---- C:\WINDOWS\System32\javaw.exe

2009-04-29 09:32:46 ----A---- C:\WINDOWS\System32\java.exe

2009-04-27 21:31:49 ----A---- C:\ComboFix.txt

2009-04-26 18:52:47 ----D---- C:\Program Files\eBay

2009-04-25 09:58:47 ----D---- C:\rsit

2009-04-23 23:09:16 ----D---- C:\Program Files\CCleaner

2009-04-23 22:09:30 ----D---- C:\Program Files\Spybot - Search & Destroy

2009-04-23 22:09:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy

2009-04-23 10:07:55 ----D---- C:\Documents and Settings\art\Application Data\Malwarebytes

2009-04-23 10:07:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes

2009-04-23 10:07:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-04-23 09:40:29 ----A---- C:\Boot.bak

2009-04-23 09:40:19 ----RASHD---- C:\cmdcons

2009-04-23 09:37:11 ----A---- C:\WINDOWS\NIRCMD.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\zip.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\vFind.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\SWXCACLS.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\SWSC.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\SWREG.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\sed.exe

2009-04-23 09:37:10 ----A---- C:\WINDOWS\grep.exe

2009-04-23 09:37:01 ----D---- C:\WINDOWS\ERDNT

2009-04-23 09:36:55 ----D---- C:\Qoobox

2009-04-22 10:31:24 ----D---- C:\Program Files\Avira

2009-04-22 10:31:24 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira

 

======List of files/folders modified in the last 1 months======

 

2009-04-29 22:34:48 ----D---- C:\Program Files\Trend Micro

2009-04-29 22:30:42 ----D---- C:\Program Files\Mozilla Firefox

2009-04-29 22:30:18 ----D---- C:\WINDOWS\System32\inetsrv

2009-04-29 22:30:07 ----D---- C:\WINDOWS\Temp

2009-04-29 22:29:56 ----D---- C:\WINDOWS\Debug

2009-04-29 22:29:45 ----D---- C:\Program Files\OpenOffice.org1.1.4

2009-04-29 22:28:39 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-04-29 22:18:37 ----D---- C:\WINDOWS\system32

2009-04-29 22:18:30 ----D---- C:\WINDOWS\System32\drivers

2009-04-29 22:18:25 ----D---- C:\WINDOWS\Prefetch

2009-04-29 09:49:00 ----SHD---- C:\WINDOWS\Installer

2009-04-29 09:32:45 ----D---- C:\Program Files\Java

2009-04-29 00:10:17 ----D---- C:\WINDOWS

2009-04-27 21:30:48 ----D---- C:\WINDOWS\System32\CatRoot2

2009-04-27 21:28:43 ----A---- C:\WINDOWS\system.ini

2009-04-27 21:27:01 ----D---- C:\WINDOWS\AppPatch

2009-04-27 21:26:58 ----D---- C:\Program Files\Fichiers communs

2009-04-26 18:53:57 ----HD---- C:\Program Files\InstallShield Installation Information

2009-04-26 18:52:47 ----RD---- C:\Program Files

2009-04-26 18:50:45 ----D---- C:\WINDOWS\Downloaded Installations

2009-04-24 13:59:43 ----D---- C:\Program Files\Lettriq

2009-04-24 10:53:21 ----D---- C:\WINDOWS\Internet Logs

2009-04-24 09:36:01 ----SD---- C:\WINDOWS\Tasks

2009-04-24 09:34:58 ----D---- C:\Program Files\Google

2009-04-24 09:34:58 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google

2009-04-23 23:20:10 ----D---- C:\WINDOWS\Minidump

2009-04-23 22:55:44 ----D---- C:\Program Files\Common Files

2009-04-23 09:40:29 ----RASH---- C:\boot.ini

2009-04-22 13:57:15 ----RSHDC---- C:\WINDOWS\System32\dllcache

2009-04-22 10:02:46 ----D---- C:\WINDOWS\System32\NtmsData

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-03-01 576512]

R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2008-05-09 45376]

R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\System32\drivers\cdrbsvsd.sys [2003-12-03 13566]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2001-08-23 14080]

R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [2003-01-21 13824]

R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\System32\DRIVERS\atinrvxx.sys [2003-01-21 102400]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]

R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-23 80896]

R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-17 24960]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-04-01 51584]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2001-08-28 15616]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-17 21760]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2003-02-17 16384]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2003-02-17 83968]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2003-02-17 10112]

S3 sermouse;Pilote pour souris sur port série; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-08-28 18432]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2003-02-17 10880]

S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2003-02-17 14976]

S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2001-08-28 11136]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-17 13824]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2003-02-17 18688]

S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 IISADMIN;Administration IIS; C:\WINDOWS\System32\inetsrv\inetinfo.exe [2001-08-28 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]

R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\System32\inetsrv\inetinfo.exe [2001-08-28 14336]

R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2001-08-28 29696]

R2 W3SVC;Publication World Wide Web; C:\WINDOWS\System32\inetsrv\inetinfo.exe [2001-08-28 14336]

R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-07-27 501048]

S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-02-28 110677]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2001-08-28 250368]

S2 pr2aqb2l;Lettriq Drivers Auto Removal (pr2aqb2l); C:\WINDOWS\system32\pr2aqb2l.exe [2008-12-04 415088]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-26 137200]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2001-08-28 8192]

 

-----------------EOF-----------------

[claire7]

Et bien, je ne sais pas pourquoi mais après avoir fait tout ce que vous préconisiez, tout remarche comme avant : plus de ralentissements, rien!!!

La seule chose qui semblait bloquer est Avast car depuis que je l'ai éesinstallé tout va mieux.

C'est cet antivirus qui m'avait annoncé le cheval de troie...

Auriez vous un conseil à me donner dans le choix d'un bon antivius (gratuit???).

Merci encore car tout semble être rentré dans l'ordre!

MERCI!