pc infecté avec vista antispyware 2010(RESOLU)

[luminou13]

le rapport log

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by butters at 2010-02-15 21:26:23

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2

System drive C: has 184 GB (81%) free of 228 GB

Total RAM: 3002 MB (60% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:26:30, on 15/02/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Everest Poker\Everest Poker.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\butters\Desktop\RSIT.exe

C:\Program Files\trend micro\butters.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...rio&pf=cnnb

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...rio&pf=cnnb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...rio&pf=cnnb

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe

O13 - Gopher Prefix:

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe

 

--

End of file - 9388 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-10-28 150040]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-10-28 178712]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-10-28 154136]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-12-04 1410344]

"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]

"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-12-24 210216]

"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 206128]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-10-30 210216]

"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]

"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-01-20 483420]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe [2009-10-28 257440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-10-28 221184]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======List of files/folders created in the last 1 months======

 

2010-02-15 21:26:24 ----D---- C:\Program Files\trend micro

2010-02-15 21:26:23 ----D---- C:\rsit

2010-02-15 19:40:28 ----D---- C:\Users\butters\AppData\Roaming\Malwarebytes

2010-02-15 19:40:21 ----D---- C:\ProgramData\Malwarebytes

2010-02-15 19:40:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-02-14 21:31:28 ----D---- C:\Windows\system32\vi-VN

2010-02-14 21:31:28 ----D---- C:\Windows\system32\eu-ES

2010-02-14 21:31:28 ----D---- C:\Windows\system32\ca-ES

2010-02-14 21:20:42 ----D---- C:\Windows\system32\EventProviders

2010-02-14 21:20:38 ----D---- C:\ada7792d4d197b8db64b2eae7788

2010-02-10 22:20:16 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-02-10 22:20:16 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-02-10 22:20:13 ----A---- C:\Windows\system32\quartz.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\tsbyuv.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\msyuv.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\msvidc32.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\msvfw32.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\msrle32.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\mciavi32.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\iyuv_32.dll

2010-02-10 22:20:12 ----A---- C:\Windows\system32\avifil32.dll

2010-01-22 09:09:04 ----A---- C:\Windows\system32\mshtml.dll

2010-01-22 09:09:01 ----A---- C:\Windows\system32\ieframe.dll

2010-01-22 09:08:59 ----A---- C:\Windows\system32\wininet.dll

2010-01-22 09:08:57 ----A---- C:\Windows\system32\urlmon.dll

2010-01-22 09:08:55 ----A---- C:\Windows\system32\ieapfltr.dll

2010-01-22 09:08:54 ----A---- C:\Windows\system32\ieui.dll

2010-01-22 09:08:53 ----A---- C:\Windows\system32\iepeers.dll

2010-01-22 09:08:53 ----A---- C:\Windows\system32\ieencode.dll

2010-01-17 21:19:52 ----D---- C:\ProgramData\Babylon

2010-01-17 21:19:51 ----D---- C:\Users\butters\AppData\Roaming\Babylon

 

======List of files/folders modified in the last 1 months======

 

2010-02-15 21:26:27 ----D---- C:\Windows\Temp

2010-02-15 21:26:24 ----RD---- C:\Program Files

2010-02-15 20:55:03 ----A---- C:\ProgramData\HPWALog.txt

2010-02-15 20:44:45 ----D---- C:\Program Files\Everest Poker

2010-02-15 20:40:29 ----D---- C:\Windows\System32

2010-02-15 20:40:29 ----D---- C:\Windows\inf

2010-02-15 20:40:29 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-02-15 20:36:37 ----HD---- C:\ProgramData

2010-02-15 20:36:24 ----A---- C:\ProgramData\hpqp.ini

2010-02-15 20:35:46 ----D---- C:\Windows\system32\drivers

2010-02-15 20:35:08 ----D---- C:\Windows\Globalization

2010-02-15 19:40:34 ----SHD---- C:\System Volume Information

2010-02-15 19:37:21 ----SD---- C:\ProgramData\Microsoft

2010-02-14 21:51:01 ----D---- C:\Windows\rescache

2010-02-14 21:41:26 ----D---- C:\Windows\Microsoft.NET

2010-02-14 21:41:25 ----RSD---- C:\Windows\assembly

2010-02-14 21:37:32 ----D---- C:\Windows

2010-02-14 21:37:26 ----SHD---- C:\boot

2010-02-14 21:37:13 ----D---- C:\Windows\system32\catroot

2010-02-14 21:37:03 ----D---- C:\Windows\Prefetch

2010-02-14 21:35:29 ----D---- C:\Windows\system32\catroot2

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Sidebar

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Photo Gallery

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Media Player

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Mail

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Collaboration

2010-02-14 21:31:57 ----D---- C:\Program Files\Windows Calendar

2010-02-14 21:31:57 ----D---- C:\Program Files\Movie Maker

2010-02-14 21:31:57 ----D---- C:\Program Files\Internet Explorer

2010-02-14 21:31:57 ----D---- C:\Program Files\Common Files\System

2010-02-14 21:31:56 ----D---- C:\Windows\servicing

2010-02-14 21:31:56 ----D---- C:\Program Files\Windows Defender

2010-02-14 21:31:49 ----D---- C:\Windows\system32\XPSViewer

2010-02-14 21:31:49 ----D---- C:\Windows\system32\sk-SK

2010-02-14 21:31:49 ----D---- C:\Windows\system32\oobe

2010-02-14 21:31:49 ----D---- C:\Windows\system32\migration

2010-02-14 21:31:49 ----D---- C:\Windows\system32\lv-LV

2010-02-14 21:31:49 ----D---- C:\Windows\system32\ko-KR

2010-02-14 21:31:49 ----D---- C:\Windows\system32\it-IT

2010-02-14 21:31:49 ----D---- C:\Windows\system32\hr-HR

2010-02-14 21:31:49 ----D---- C:\Windows\system32\fr

2010-02-14 21:31:49 ----D---- C:\Windows\system32\et-EE

2010-02-14 21:31:49 ----D---- C:\Windows\system32\en-US

2010-02-14 21:31:49 ----D---- C:\Windows\system32\el-GR

2010-02-14 21:31:49 ----D---- C:\Windows\system32\de-DE

2010-02-14 21:31:49 ----D---- C:\Windows\system32\da-DK

2010-02-14 21:31:49 ----D---- C:\Windows\IME

2010-02-14 21:31:48 ----D---- C:\Windows\system32\ru-RU

2010-02-14 21:31:48 ----D---- C:\Windows\system32\fr-FR

2010-02-14 21:31:48 ----D---- C:\Windows\system32\AdvancedInstallers

2010-02-14 21:31:47 ----D---- C:\Windows\system32\sv-SE

2010-02-14 21:31:47 ----D---- C:\Windows\system32\SLUI

2010-02-14 21:31:47 ----D---- C:\Windows\system32\setup

2010-02-14 21:31:47 ----D---- C:\Windows\system32\pt-PT

2010-02-14 21:31:47 ----D---- C:\Windows\system32\hu-HU

2010-02-14 21:31:47 ----D---- C:\Windows\system32\he-IL

2010-02-14 21:31:47 ----D---- C:\Windows\system32\fi-FI

2010-02-14 21:31:47 ----D---- C:\Windows\system32\cs-CZ

2010-02-14 21:31:46 ----D---- C:\Windows\system32\zh-TW

2010-02-14 21:31:46 ----D---- C:\Windows\system32\zh-CN

2010-02-14 21:31:46 ----D---- C:\Windows\system32\uk-UA

2010-02-14 21:31:46 ----D---- C:\Windows\system32\th-TH

2010-02-14 21:31:46 ----D---- C:\Windows\system32\sr-Latn-CS

2010-02-14 21:31:46 ----D---- C:\Windows\system32\sl-SI

2010-02-14 21:31:46 ----D---- C:\Windows\system32\ro-RO

2010-02-14 21:31:46 ----D---- C:\Windows\system32\pl-PL

2010-02-14 21:31:46 ----D---- C:\Windows\system32\manifeststore

2010-02-14 21:31:46 ----D---- C:\Windows\system32\ja-JP

2010-02-14 21:31:46 ----D---- C:\Windows\system32\es-ES

2010-02-14 21:31:46 ----D---- C:\Windows\system32\bg-BG

2010-02-14 21:31:45 ----D---- C:\Windows\system32\wbem

2010-02-14 21:31:45 ----D---- C:\Windows\system32\tr-TR

2010-02-14 21:31:45 ----D---- C:\Windows\system32\pt-BR

2010-02-14 21:31:45 ----D---- C:\Windows\system32\nl-NL

2010-02-14 21:31:45 ----D---- C:\Windows\system32\nb-NO

2010-02-14 21:31:45 ----D---- C:\Windows\system32\migwiz

2010-02-14 21:31:45 ----D---- C:\Windows\system32\lt-LT

2010-02-14 21:31:45 ----D---- C:\Windows\system32\ar-SA

2010-02-14 21:31:33 ----RSD---- C:\Windows\Fonts

2010-02-14 21:31:33 ----D---- C:\Windows\AppPatch

2010-02-14 21:31:28 ----D---- C:\Windows\system32\Boot

2010-02-14 21:27:38 ----D---- C:\Windows\winsxs

2010-02-04 21:13:47 ----D---- C:\Windows\system32\Tasks

2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe

2010-01-28 18:55:38 ----D---- C:\Program Files\PokerStars

2010-01-27 19:14:58 ----D---- C:\Program Files\Mozilla Firefox

2010-01-17 21:21:14 ----D---- C:\Program Files\TVAnts

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-19 1093120]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-10-28 2476544]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-12-23 138240]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-01-20 394240]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-12-04 204976]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\aestsrv.exe [2009-01-20 81920]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]

R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-12-23 365952]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-11-26 247152]

R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_fa807195\STacSV.exe [2009-01-20 249938]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]

R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]

R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]

S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-09-17 3397716]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

 

-----------------EOF-----------------

[nardino]

Bonsoir

Pas d'infection dans ce rapport .

Si tu n'as plus de problème, passe la question en résolu.

Tu édites la question de base et tu ajoute [resolu] au titre.

@+

[Charlouf]

Bonsoir a tous,

 

j ai un gros probléme, mon pc et infecter par vista antispyware 2010 et je suis complétement perdu. je pocéde un Hp pavillon qui utilise vista. impossible d acceder a mon bureau, quand je le démarre c est une page noir qui apparer et tout un tat de fenétres de vista anti :s. j ai donc démarrer mon pc en mode sans échec, car c été la seul solution pour acceder a mon bureau. Vista anti me bloque tout, donc je me suis connecter sur le pc de ma soeur et je suis tomber sur votre forum "dieu merci" ou j ai pu voir que d autre personne avais le méme probléme que moi :s...aprés avoir lut tt les com j ai télécharger le logiciel indiquer: malwarebytes du pc de ma soeur, puis je les transféré sur le mien a l aide d' une USB. Je les installer et j ai lancer l examen complet du disque dure qui se dérroule en ce moment méme ^^...a partir de la je me remet a vous, et attend avc impatience votre précieuse aide merci d avance

[nardino]

Bonjour Charlouf et bienvenue sur Zeb

Pour des raisons de clarté nous ne traitons qu'un sujet par internaute et un internaute par sujet.

Merci de créer un nouveau sujet .

Tu cliques sur en haut à droite , tu mets un titre court et explicite, antispyware 2010 par exemple, et tu décris la nature des problèmes rencontrés.

@+