PC infecté : plus rien ne marche !

[did71]

Bonsoir alpina,

 

il serait bien que tu postes le rapport RSIT demandé!

 

Puis dans un second temps:

 

* Télécharge et installe Malwarebyte's Anti-Malware http://www.malwarebytes.org/mbam/program/mbam-setup.exe

* A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée.

* Clique sur "Terminer".

* Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.

* Au premier lancement, une fenêtre t'annonce que la version est Free. Clique alors sur ok.

* Laisse les Mises à jour se télécharger.

* Lance Malwarebyte's Anti-Malware.

* Choisis ceci Onglet "Recherche". Coche Exécuter un examen complet puis Rechercher.

* Sélectionne ton disque dur et clique clic sur "lancer l'examen".

* A la fin du scan, clique sur Afficher les résultats.

* Suppression des éléments détectés : Clique sur Supprimer la sélection.

* Si un redémarrage est demandé, clique sur "Yes".

* Un rapport de scan s'ouvre, poste le rapport.

* Pour t'aider, tu as un très bon tuto ici:

 

http://forum.pcastuces.com/malwarebytes_an...oriel-f31s3.htm

 

a+

Modifié le 6 janvier 2010 par did71

[alpina d10]

voici un rapport que je viens de faire mais quel galere il a ete fait avec deux pc car le mien ne veux rien savoir meme pas telecharger des fichiers merci pour votre aide

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by uset at 2010-01-07 22:07:49

WIN_XP Service Pack 3

System drive C: has 33 GB (34%) free of 95 GB

Total RAM: 1022 MB (38% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:07 0, on 2010-01-07

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Canon\BJCard\Bjmcmng.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\system32\lxctcoms.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Secunia\PSI (RC4)\psi.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Outlook Express\msimn.exe

C:\Documents and Settings\uset\Bureau\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\uset.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-3834033692-622310950-466277136-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-21-3834033692-622310950-466277136-1006 Startup: Secunia PSI (RC4).lnk = C:\Program Files\Secunia\PSI (RC4)\psi.exe (User '?')

O4 - Startup: Secunia PSI (RC4).lnk = C:\Program Files\Secunia\PSI (RC4)\psi.exe

O4 - Global Startup: Bootvis.lnk = C:\Documents and Settings\uset\Bureau\BootVisfr\Bootvis_Sleep.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155119580000

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{87E4CE68-A48D-47DC-8E97-9FE6ED01D490}: NameServer = 80.10.246.2,80.10.246.129

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Canon BJ Memory Card Manager (Bjmcmng) - CANON INC. - C:\Program Files\Canon\BJCard\Bjmcmng.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 6716 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1220877576.job

C:\WINDOWS\tasks\Google Software Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3834033692-622310950-466277136-1006.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]

Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-08-09 184320]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-05 668656]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-08-09 184320]

SITEguard

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"LXCTCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16 []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

C:\WINDOWS\AGRSMMSG.exe [2005-04-12 88358]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

C:\Program Files\Apoint2K\Apoint.exe [2003-10-30 192512]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJLaunchEXE]

C:\Program Files\Canon\BJCard\BJLaunch.exe [2002-03-14 630784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c42ded96]

C:\WINDOWS\system32\uebwrguq.dll,b []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]

C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-04-28 675840]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CFSServ.exe]

CFSServ.exe -NoClient []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cselect]

C:\WINDOWS\system32\cselect.exe [2005-04-12 110592]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]

C:\Program Files\CursorXP\CursorXP.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]

C:\WINDOWS\system32\dla\tfswctrl.exe [2005-01-14 122939]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

C:\Program Files\Lexmark 5400 Series\ezprint.exe [2006-11-22 82864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]

C:\Program Files\F-Secure\Common\FSM32.EXE /splash []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]

C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe -win []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]

C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-12-24 28672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

C:\Program Files\Microsoft IntelliPoint\point32.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 5400 Series Fax Server]

C:\Program Files\Lexmark 5400 Series\fm3032.exe [2006-11-22 304048]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

C:\Program Files\Logitech\Video\CameraAssistant.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]

C:\WINDOWS\system32\ElkCtrl.exe /automation []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

C:\Program Files\Logitech\Video\InstallHelper.exe /inspect []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]

C:\Program Files\ltmoh\Ltmoh.exe [2005-04-12 184320]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

C:\WINDOWS\system32\LVCOMSX.EXE [2005-09-01 221184]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxctmon.exe]

C:\Program Files\Lexmark 5400 Series\lxctmon.exe [2006-11-22 291760]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-12-30 1389904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\meowplatformflawsize]

C:\Documents and Settings\All Users\Application Data\internet slow meow platform\DASHWMA.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

C:\Program Files\MessengerPlus! 3\MsgPlus.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]

NDSTray.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]

C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2004-11-17 1077327]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUpStopperFreeEdition]

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]

C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2005-05-17 118784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]

C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]

C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2005-02-26 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

C:\Program Files\Macrogaming\SweetIM\SweetIM.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TCtryIOHook]

C:\WINDOWS\system32\TCtrlIOHook.exe [2005-04-20 28672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]

TFncKy.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-11 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Accessibility]

C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe [2005-03-08 24576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]

C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2004-11-30 53248]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]

C:\WINDOWS\system32\TPSMain.exe [2005-01-21 266240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]

C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2005-04-05 73728]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]

C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

C:\PROGRA~1\Wanadoo\Watch.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zooming]

C:\WINDOWS\system32\ZoomingHook.exe [2004-07-14 24576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]

C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]

C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-06 28672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe /start []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uset^Menu Démarrer^Programmes^Démarrage^Lancement rapide de Microsoft Office OneNote 2003.lnk]

C:\PROGRA~1\MICROS~2\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uset^Menu Démarrer^Programmes^Démarrage^Ubisoft register.lnk]

C:\PROGRA~1\Ubisoft\Register\schedule.exe [2003-10-01 28672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"BackWeb Client - 7681197"=2

"F-Secure BackWeb LAN Access"=3

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Bootvis.lnk - C:\Documents and Settings\uset\Bureau\BootVisfr\Bootvis_Sleep.exe

 

C:\Documents and Settings\uset\Menu Démarrer\Programmes\Démarrage

Secunia PSI (RC4).lnk - C:\Program Files\Secunia\PSI (RC4)\psi.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]

WRLogonNTF.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

C:\WINDOWS\system32\awtqr.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe"="C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"

"C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\WINDOWS\system32\lxctcoms.exe"="C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

shell\AutoRun\command - D:\setup.exe /autorun

shell\directx\command - D:\DirectX\dxsetup.exe

shell\setup\command - D:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2eaee8fe-b2f5-11dc-960b-000fb09d0ed8}]

shell\AutoRun\command - G:\AutoTransfer.exe

 

 

======List of files/folders created in the last 1 months======

 

2010-01-07 22:02:39 ----D---- C:\rsit

2010-01-05 23:34:06 ----D---- C:\WINDOWS\LastGood

2010-01-05 19:30:40 ----D---- C:\Program Files\Microsoft

2010-01-05 18:19:33 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP11$

2010-01-05 18:19:33 ----HD---- C:\WINDOWS\$NtUninstallKB929399$

2010-01-05 18:19:33 ----D---- C:\Documents and Settings\uset\Application Data\vlc

2010-01-05 18:19:32 ----HD---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2010-01-05 18:19:32 ----HD---- C:\WINDOWS\$NtUninstallKB939683$

2010-01-05 18:19:22 ----D---- C:\Program Files\ATI Technologies

2010-01-05 18:12:05 ----D---- C:\Program Files\Java

2010-01-05 18:10:16 ----HD---- C:\WINDOWS\ie8

2010-01-05 00:03:03 ----D---- C:\Program Files\Java(3)

2010-01-04 23:07:38 ----A---- C:\WINDOWS\imsins.BAK

2010-01-03 20:21:29 ----D---- C:\Documents and Settings\uset\Application Data\HouseCall 6.6

2010-01-03 18:21:35 ----D---- C:\spoolerlogs

2009-12-29 20:02:02 ----DC---- C:\WINDOWS\$NtUninstallKB971961$

2009-12-28 21:03:31 ----D---- C:\Program Files\Microsoft Games(2)

2009-12-23 17:56:21 ----D---- C:\Program Files\Eidos

2009-12-20 20:49:15 ----D---- C:\Program Files\Java(2)

2009-12-13 15:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2009-12-13 15:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2009-12-13 15:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$

2009-12-13 15:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2009-12-13 15:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

 

======List of files/folders modified in the last 1 months======

 

2010-01-06 18:13:14 ----D---- C:\WINDOWS\Temp

2010-01-05 23:34:08 ----HD---- C:\WINDOWS\inf

2010-01-05 23:34:08 ----D---- C:\WINDOWS\system32\ShellExt

2010-01-05 23:34:06 ----D---- C:\WINDOWS\system32\CatRoot2

2010-01-05 23:34:06 ----D---- C:\WINDOWS

2010-01-05 23:30:57 ----SD---- C:\WINDOWS\Downloaded Program Files

2010-01-05 23:01:28 ----SD---- C:\WINDOWS\Tasks

2010-01-05 23:01:25 ----D---- C:\Program Files\Lx_cats

2010-01-05 23:01:19 ----D---- C:\WINDOWS\Registration

2010-01-05 23:00:53 ----D---- C:\WINDOWS\system32

2010-01-05 22:18:26 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-01-05 22:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$

2010-01-05 21:50:58 ----SHD---- C:\Config.Msi

2010-01-05 21:50:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-01-05 21:48:33 ----D---- C:\WINDOWS\system32\drivers

2010-01-05 21:16:34 ----SHD---- C:\WINDOWS\Installer

2010-01-05 21:16:33 ----RD---- C:\Program Files

2010-01-05 21:13:20 ----D---- C:\Program Files\Call of Duty Game of the Year Edition

2010-01-05 19:31:31 ----D---- C:\WINDOWS\WinSxS

2010-01-05 19:29:59 ----RSD---- C:\WINDOWS\Fonts

2010-01-05 19:29:51 ----D---- C:\Program Files\Windows Live

2010-01-05 19:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$

2010-01-05 19:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2010-01-05 19:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$

2010-01-05 19:16:49 ----A---- C:\WINDOWS\win.ini

2010-01-05 19:15:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$

2010-01-05 19:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$

2010-01-05 19:15:38 ----D---- C:\Program Files\Internet Explorer

2010-01-05 19:15:20 ----HD---- C:\WINDOWS\$hf_mig$

2010-01-05 19:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

2010-01-05 19:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$

2010-01-05 19:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2010-01-05 19:10:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$

2010-01-05 19:09:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$

2010-01-05 19:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

2010-01-05 19:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

2010-01-05 18:27:33 ----D---- C:\WINDOWS\system32\CatRoot

2010-01-05 18:26:05 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater

2010-01-05 18:22:33 ----D---- C:\WINDOWS\system32\config

2010-01-05 18:20:06 ----D---- C:\Program Files\Windows Media Player

2010-01-05 18:19:55 ----D---- C:\Program Files\Windows Media Connect 2

2010-01-05 18:19:33 ----D---- C:\Documents and Settings\uset\Application Data\vlc(3)

2010-01-05 18:19:23 ----HD---- C:\Program Files\InstallShield Installation Information

2010-01-05 18:19:00 ----DC---- C:\WINDOWS\$NtUninstallKB954154_WM11$(3)

2010-01-05 18:19:00 ----DC---- C:\WINDOWS\$NtUninstallKB939683$(3)

2010-01-05 18:17:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2010-01-05 18:14:39 ----D---- C:\Installation_Galaad_V4.0

2010-01-05 18:14:37 ----D---- C:\Program Files\GalaadV4.0

2010-01-05 18:12:58 ----DC---- C:\WINDOWS\$NtUninstallWMFDist11$(2)

2010-01-05 18:12:50 ----DC---- C:\WINDOWS\$NtUninstallwmp11$(2)

2010-01-05 18:11:55 ----D---- C:\WINDOWS\system32\DirectX

2010-01-05 18:02:24 ----D---- C:\Program Files\Google

2010-01-05 18:02:24 ----D---- C:\Documents and Settings\All Users\Application Data\Google

2010-01-05 18:01:14 ----D---- C:\WINDOWS\ie8updates

2010-01-05 17:25:40 ----A---- C:\WINDOWS\system.ini

2010-01-05 16:43:25 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2010-01-05 00:25:56 ----D---- C:\WINDOWS\Debug

2010-01-04 23:04:50 ----D---- C:\Program Files\MSN

2009-12-29 20:04:00 ----D---- C:\WINDOWS\system32\fr-fr

2009-12-29 16:45:12 ----D---- C:\WINDOWS\Media

2009-12-29 16:45:12 ----D---- C:\WINDOWS\Help

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-09-08 82380]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-07-18 75072]

R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2008-08-31 4484]

R1 Dev_UNIDRV;Dev_UNIDRV; \??\C:\WINDOWS\system32\Drivers\UNIDRV.SYS []

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]

R1 SerTVOutCtlr;TOSHIBA Controls Driver -EPIOMngr; C:\WINDOWS\system32\drivers\EPIOMngr.sys [2004-07-30 6400]

R1 SrvcEKIOMngr;SrvcEKIOMngr; C:\WINDOWS\System32\Drivers\EKIoMngr.sys [2004-07-30 6400]

R1 SrvcSSIOMngr;SrvcSSIOMngr; C:\WINDOWS\System32\Drivers\SSIoMngr.sys [2004-07-30 6400]

R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-12-02 5627]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-12-02 23545]

R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-02 5632]

R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]

R1 TPwSav;Common Driver; C:\WINDOWS\System32\Drivers\TPwSav.sys [2005-03-09 8704]

R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-12-23 40544]

R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]

R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-01-14 25883]

R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-01-14 34843]

R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-01-14 4123]

R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-01-14 2271]

R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-01-14 87706]

R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-01-14 15227]

R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-01-14 6363]

R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-01-14 99098]

R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-01-14 100603]

R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-04-12 1066278]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2005-01-13 57984]

R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2005-04-28 37248]

R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2005-04-27 74112]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-09-01 22528]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-04-15 29056]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]

S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []

S1 StickyMesger;StickyMesger; \??\C:\Program Files\TOSHIBA\Accessibility\StickyMesger.sys []

S1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]

S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-05-08 101833]

S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

S3 catchme;catchme; \??\C:\DOCUME~1\uset\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2005-09-01 14080]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]

S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []

S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []

S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2005-09-01 2010112]

S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-09-01 1081856]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-08-14 47360]

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]

S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123]

S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]

S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]

S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230]

S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-03-08 98560]

S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]

S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 8192]

S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-15 50048]

S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys []

S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-30 3222784]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []

S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]

R2 Bjmcmng;Canon BJ Memory Card Manager; C:\Program Files\Canon\BJCard\Bjmcmng.exe [2002-03-14 49152]

R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]

R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]

R2 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]

R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-09-01 81920]

R2 lxct_device;lxct_device; C:\WINDOWS\system32\lxctcoms.exe [2006-11-22 537520]

S2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865]

S2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 183280]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 p2pgasvc;Authentification de groupe réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 p2pimsvc;Gestionnaire d'identité réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 p2psvc;Réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

S3 PNRPSvc;Protocole de résolution de noms d'homologues; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 BackWeb Client - 7681197;F-Secure BackWeb; C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE []

S4 F-Secure BackWeb LAN Access;F-Secure BackWeb LAN Access; C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe []

S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-23 66872]

S4 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]

S4 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-13 33280]

S4 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-13 8704]

S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

 

-----------------EOF-----------------

[alpina d10]

up

[alpina d10]

que dois je faire maintenant? merci

[alpina d10]

up

[did71]

Bonsoir Alpina,

 

comme indiqué plus haut, passer malwarebytes et poster le rapport

 

a+

[pear]

Bonjour Alpina , Didier,

 

Excusez l'incruste.

Une piste:

Copier-Coller impossible ?

 

Tout d'abord s'assurer de la propreté du pc.

Scans Antivirus et Antispyware

 

Sous Wiindows(Xp, Vista, 7), cela peut provenir d'un problème avec la gestion des droits d'accès de l'applet java.

 

Il suffit d'éditer le Plug-in java.

Procéder de la façon suivante, sous windows : Démarrer -> Paramètres -> Panneau de configuration -> Java ->Avancé->Console Java

cliquer sur afficher la console puis sur Appliquer.

Fermer cette fenêtre, redemarrer votre browser préféré.

 

De temps en temps, Firefox refuse de copier ou de coller du contenu ?

Adware Pushow

 

Il s'agit probablement d'un adware, appelé pushow**.dll (pushow35.dll, pushow42.dll, etc.) localisé dans c:\windows\system32.

 

Si vous trouvez un tel fichier, déplacez le de system32 vers un autre dossier, puis renommez-le, redémarrez votre ordinateur et supprimez-le !

[alpina d10]

oui effectivement la console etait masquer mais impossible de faire un scan en ligne

[alpina d10]

DE PLUS TOUJOURS IMPOSSIBLE DE FAIRE UN COPIER COLLER LA JE VOUS GRACE A UN AUTRE PC VOILA LE RAPPORT

Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3520

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

2010-01-10 02:21:12 0

mbam-log-2010-01-10 (02-21-12).txt

 

Type de recherche: Examen complet (C:\|D:\|E:\|)

Eléments examinés: 220278

Temps écoulé: 1 hour(s), 13 minute(s), 5 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[did71]

Bonsoir alpina,

 

ça va être compliqué de t'aider si ce n'est pas d'origine virale!

 

Pierre su tu as une idée??

 

je me renseigne de mon côté!

 

a+