Posted (edited)

Hello, I just got this software, which I never downloaded.

It is blocking all my access (not the internet for now... phew!)

But it's impossible to block it through msconfig or anything else, help me!

I followed part of a tutorial, but I can't launch RSIT because Security Tool blocks it!

I'm rebooting into safe mode and will post again.

Edited by mamoussa

Posted (edited)

I rebooted into safe mode,

deleted the .exe file located at local setting/app data/3256898.exe, and rebooted once more.

Security Tool seems to have disappeared! I have access to everything again (it seems to me).

I ran an RSIT diagnostic again on the files modified in the last month.

Here is what it gives:


Logfile of random's system information tool 1.08 (written by random/random)

Run by k_roelandts at 2010-09-26 15:55:38

Microsoft Windows XP Professionnel Service Pack 2

System drive C: has 12 GB (6%) free of 191 GB

Total RAM: 1022 MB (50% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:55:43, on 26/09/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\system32\lxedcoms.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\Lexmark S600 Series\lxedmon.exe

C:\Program Files\Lexmark S600 Series\ezprint.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Logitech\LWS\LU\LULnchr.exe

C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe

C:\Documents and Settings\k_roelandts\Bureau\RSIT.exe

C:\Program Files\trend micro\k_roelandts.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [lxedmon.exe] "C:\Program Files\Lexmark S600 Series\lxedmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark S600 Series\ezprint.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Ereg\eReg.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: lxedCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe

O23 - Service: lxed_device - - C:\WINDOWS\system32\lxedcoms.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 10356 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]

Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-06-02 1082880]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]

DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}]

Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22 180224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120]

"nwiz"=nwiz.exe /installquiet []

"NDSTray.exe"=NDSTray.exe []

"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-01-11 600896]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2008-01-11 59392]

"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]

"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

"lxedmon.exe"=C:\Program Files\Lexmark S600 Series\lxedmon.exe [2010-01-18 770728]

"EzPrint"=C:\Program Files\Lexmark S600 Series\ezprint.exe [2010-01-18 139944]

"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-10 160768]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-03 486856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]

C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE REBOOT []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2009-06-02 24264488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]

C:\WINDOWS\system32\WDBtnMgr.exe [2007-05-22 339968]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Monitor.lnk]

C:\PROGRA~1\TOSHIBA\BLUETO~2\BtMon2.exe [2004-11-10 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WD Backup Monitor.lnk]

C:\PROGRA~1\MYBOOK~1\WDBACK~1\UBBMON~1.EXE [2006-01-22 98304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^k_roelandts^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"SPBBCSvc"=3

"SNDSrvc"=3

"ccSetMgr"=2

"ccProxy"=2

"ccISPwdSvc"=3

"ccEvtMgr"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Démarrage

Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

Logitech . Enregistrement du produit.lnk - C:\Program Files\Logitech\Ereg\eReg.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-10 240128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=36

"NoDriveAutoRun"=0xFFFFFFFF

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=255

"HonorAutoRunSetting"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\games\Webtarot\webtarot.exe"="C:\Program Files\games\Webtarot\webtarot.exe:*:Enabled:WebTarot"

"C:\Program Files\games\need for speed\nfsc.exe"="C:\Program Files\games\need for speed\nfsc.exe:*:Disabled:nfsc"

"C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"

"C:\Program Files\games\dawn of war\W40k.exe"="C:\Program Files\games\dawn of war\W40k.exe:*:Disabled:W40K"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMuleMorphXT"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe"="C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe:*:Enabled:Pamela for Skype"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player"

"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\WINDOWS\system32\lxedcoms.exe"="C:\WINDOWS\system32\lxedcoms.exe:*:Enabled:Lexmark Communications System"

"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

======List of files/folders created in the last 1 months======

 

2010-09-26 15:52:23 ----ASH---- C:\hiberfil.sys

2010-09-26 15:13:24 ----D---- C:\Program Files\trend micro

2010-09-26 15:13:16 ----D---- C:\rsit

2010-09-26 14:37:40 ----D---- C:\WINDOWS\BDOSCAN8

2010-09-26 14:34:39 ----SHD---- C:\Config.Msi

2010-09-25 17:20:32 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Dev-Cpp

2010-09-25 17:20:00 ----D---- C:\Dev-Cpp

2010-09-25 17:18:28 ----D---- C:\Program Files\Dev Cpp

2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys

2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys

2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxsfs.dll

2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxafs.dll

2010-09-24 12:25:13 ----D---- C:\Documents and Settings\All Users\Application Data\DivX

2010-09-22 19:44:55 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys

2010-09-22 19:17:15 ----A---- C:\WINDOWS\system32\lxedvs.dll

2010-09-22 19:17:09 ----A---- C:\WINDOWS\system32\lxedcoin.dll

2010-09-22 19:16:55 ----A---- C:\WINDOWS\system32\lxk_gf.dll

2010-09-22 19:16:54 ----A---- C:\WINDOWS\system32\lxedgcfg.dll

2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcuir.dll

2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcui.dll

2010-09-22 19:16:35 ----A---- C:\WINDOWS\system32\wiafbdrv.dll

2010-09-22 19:15:14 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint

2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.exe

2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.dll

2010-09-22 19:11:59 ----D---- C:\Program Files\Lexmark Toolbar

2010-09-22 19:11:50 ----D---- C:\Program Files\Lexmark Fax Solutions

2010-09-22 19:11:48 ----D---- C:\Program Files\Lexmark Printable Web

2010-09-22 19:11:30 ----AH---- C:\WINDOWS\system32\lxedrwrd.ini

2010-09-22 19:11:30 ----A---- C:\WINDOWS\system32\NativeCall.dll

2010-09-22 19:11:29 ----D---- C:\Program Files\Lexmark

2010-09-22 19:11:17 ----A---- C:\WINDOWS\system32\LXEDinst.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedusb1.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedinpa.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxediesc.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\LXEDhcp.dll

2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedserv.dll

2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedpmui.dll

2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedlmpm.dll

2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedjswr.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsr.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsb.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedins.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedih.exe

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedhbn3.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedgrd.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcur.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcub.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcu.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcoms.exe

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomm.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomc.dll

2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\lxedcfg.exe

2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\LXEDcfg.dll

2010-09-22 19:10:18 ----D---- C:\Program Files\Lexmark S600 Series

2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsmr.dll

2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsm.dll

2010-09-22 12:40:59 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Leadertech

2010-09-22 12:38:45 ----D---- C:\WINDOWS\system32\logishrd

2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs\LWS

2010-09-22 12:37:06 ----D---- C:\Program Files\Fichiers communs\LogiShrd

2010-09-21 12:11:40 ----D---- C:\Program Files\Citrix

 

======List of files/folders modified in the last 1 months======

 

2010-09-26 15:54:01 ----RASH---- C:\boot.ini

2010-09-26 15:54:01 ----A---- C:\WINDOWS\win.ini

2010-09-26 15:54:01 ----A---- C:\WINDOWS\system.ini

2010-09-26 15:52:57 ----D---- C:\WINDOWS\TEMP

2010-09-26 15:52:51 ----D---- C:\WINDOWS\Registration

2010-09-26 15:52:47 ----D---- C:\WINDOWS

2010-09-26 15:49:27 ----D---- C:\WINDOWS\system32

2010-09-26 15:49:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-09-26 15:44:50 ----AC---- C:\WINDOWS\ntbtlog.txt

2010-09-26 15:34:49 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-09-26 15:19:01 ----D---- C:\WINDOWS\Prefetch

2010-09-26 15:13:24 ----RD---- C:\Program Files

2010-09-26 14:37:44 ----SD---- C:\WINDOWS\Downloaded Program Files

2010-09-26 14:37:40 ----HD---- C:\WINDOWS\inf

2010-09-26 14:37:38 ----D---- C:\WINDOWS\system32\CatRoot2

2010-09-26 14:35:42 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Pamela

2010-09-26 14:34:49 ----SHD---- C:\WINDOWS\Installer

2010-09-26 14:29:52 ----D---- C:\Documents and Settings\k_roelandts\Application Data\vlc

2010-09-24 12:29:26 ----D---- C:\Program Files\Fichiers communs\DivX Shared

2010-09-24 12:29:26 ----D---- C:\Program Files\DivX

2010-09-24 12:27:40 ----D---- C:\WINDOWS\system32\drivers

2010-09-23 19:35:54 ----D---- C:\Program Files\Mozilla Firefox

2010-09-23 19:19:51 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Skype

2010-09-23 18:42:54 ----D---- C:\Documents and Settings\k_roelandts\Application Data\skypePM

2010-09-22 19:45:01 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-09-22 19:16:41 ----D---- C:\WINDOWS\twain_32

2010-09-22 12:40:58 ----D---- C:\Program Files\Logitech

2010-09-22 12:38:19 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech

2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs

2010-09-22 12:37:45 ----D---- C:\Program Files\Common Files

2010-09-21 13:05:05 ----D---- C:\Program Files\Mozilla Thunderbird

2010-09-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe

2010-09-08 22:59:45 ----D---- C:\Program Files\JDownloader

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264]

R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-10 61056]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]

R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]

R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]

R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-03 715248]

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\AVG Anti-Spyware 7.5\guard.sys []

R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]

R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]

R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-12-25 21275]

R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]

R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]

R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]

R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]

R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544]

R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]

R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]

R2 UacFlt;Philips Composite Class Filter Driver; C:\WINDOWS\system32\DRIVERS\uacbflt.sys [2002-06-14 21276]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]

R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504]

R3 CompFilter;UVCCompositeFilter; C:\WINDOWS\system32\DRIVERS\lvbusflt.sys [2010-05-14 20704]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376]

R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240]

R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824]

R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448]

R3 LVUVC;Logitech HD Webcam C510(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944]

R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]

R3 qkbfiltr;Quanta HotKey Keyboard Filter Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872]

R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968]

R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]

R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]

R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712]

R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]

S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332]

S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]

S3 axtgcgj0;axtgcgj0; C:\WINDOWS\system32\drivers\axtgcgj0.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200]

S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820]

S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]

S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]

S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys []

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-06-30 21760]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]

S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2006-01-17 15744]

S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]

S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344]

S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]

S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]

S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]

S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]

S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]

S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]

R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]

R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]

R2 lxed_device;lxed_device; C:\WINDOWS\system32\lxedcoms.exe [2010-01-07 598696]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-12 66872]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]

R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]

R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

S2 lxedCATSCustConnectService;lxedCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe [2010-01-07 98984]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-27 72704]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

 

Can someone translate/decipher all of this for me?

Thanks for your help

[edit]: I downloaded Malwarebytes, then ran a quick scan as recommended. I removed the infections (5), then restarted as requested. Here is the report:

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4698

 

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

 

26/09/2010 16:49:12

mbam-log-2010-09-26 (16-49-12).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 173001

Temps écoulé: 14 minute(s), 53 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\RECYCLER\S-1-5-21-3435299865-1074412838-1320528033-1005\Dc444.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Documents and Settings\k_roelandts\Local Settings\Temporary Internet Files\Content.IE5\WD0XIB45\update[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.

Edited by mamoussa
Posted

Hello

Run ZHPFix by Nicolas Coolman as described here.

Tick this line:

S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys []

Click Nettoyer (Clean).

Uninstall AVG Anti-Spyware 7.5, which has not been maintained for several years.

It is built into the antivirus now.

Yours includes one too.

See you later
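The line singled out in the post above registers a driver image under the user's Temp directory, and RSIT printed no date or size for it. The following is an added example, not part of the thread or of RSIT: a small parser for the RSIT driver/service lines in this log that flags both conditions, using the legend from the log's own section header; the function names are hypothetical, and reading empty brackets `[]` as "no file found at that path" is an assumption about RSIT's output.

```python
import re
from dataclasses import dataclass, field

# Legend copied from the RSIT section header in this log.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}
TEMP_DIRS = {"temp", "tmp"}  # directory names treated as user-writable scratch space

# <state><start> <name>;<display name>; <image path> [<date> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]\s*$"
)

# Lines copied from the RSIT log on this page (header line included on purpose).
SAMPLE = r"""
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\AVG Anti-Spyware 7.5\guard.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320]
S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S2 lxedCATSCustConnectService;lxedCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe [2010-01-07 98984]
"""


@dataclass
class Entry:
    state: str          # "Running" or "Stopped"
    start: str          # start type from the legend
    name: str           # service/driver key name
    display: str        # display name
    path: str           # image path with any \??\ prefix removed
    on_disk: bool       # False when the brackets were empty (assumed: file not found)
    reasons: list = field(default_factory=list)


def parse_line(line):
    """Parse one RSIT driver/service line; return None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    path = m["path"]
    if path.startswith("\\??\\"):      # NT object-manager prefix seen in the log
        path = path[4:]
    entry = Entry(STATE[m["state"]], START[m["start"]], m["name"].strip(),
                  m["display"].strip(), path, bool(m["meta"].strip()))
    # Compare directory components only, so 8.3 short paths (LOCALS~1\Temp) match too.
    parts = [p.lower() for p in path.split("\\") if p]
    if any(p in TEMP_DIRS for p in parts[:-1]):
        entry.reasons.append("image-in-temp-dir")
    if not entry.on_disk:
        entry.reasons.append("file-not-found")
    return entry


def triage(log_text):
    """Return {name: reasons} for every entry with at least one finding."""
    findings = {}
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and entry.reasons:
            findings[entry.name] = entry.reasons
    return findings


if __name__ == "__main__":
    # Entries loaded from a temp directory are listed first.
    ranked = sorted(triage(SAMPLE).items(),
                    key=lambda kv: "image-in-temp-dir" not in kv[1])
    for name, reasons in ranked:
        print(f"{name}: {', '.join(reasons)}")
```

A `file-not-found` result on its own usually marks a leftover registration from uninstalled software; the combination with a temp-directory image path is what sets the `o1394bul` entry apart.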

Posted

Thanks for your reply

I removed AVG

I don't understand how to install/use the suggested tool (... I must seem stupid, but I went to the page and ... nothing)

Which antivirus would you recommend? G-data seems decent, what do you think?

Posted (edited)

Good evening,

ZHPFix can be opened from an icon on the desktop or from the one that appears in ZHPDiag.

But indeed, that is not the program you used; you used RSIT by random/random.

Manually delete this file:

C:\Documents and Settings\k_roelandts\Local Settings\Temp\o1394bul.sys

And empty the Recycle Bin.

Let me know how it goes afterwards.

See you later

Edited by nardino
Posted (edited)

Good evening,

The MBAM report:

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4698

 

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

 

28/09/2010 16:36:22

mbam-log-2010-09-28 (16-36-22).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 172945

Temps écoulé: 16 minute(s), 17 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

************************************************************************************************************************************************************************************

The RSIT report:

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by k_roelandts at 2010-09-28 16:37:22

Microsoft Windows XP Professionnel Service Pack 2

System drive C: has 15 GB (8%) free of 191 GB

Total RAM: 1022 MB (38% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:37:28, on 28/09/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\system32\lxedcoms.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\Lexmark S600 Series\lxedmon.exe

C:\Program Files\Lexmark S600 Series\ezprint.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE

C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Logitech\LWS\LU\LULnchr.exe

C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\k_roelandts\Bureau\RSIT.exe

C:\Program Files\trend micro\k_roelandts.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [lxedmon.exe] "C:\Program Files\Lexmark S600 Series\lxedmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark S600 Series\ezprint.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Ereg\eReg.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: lxedCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe

O23 - Service: lxed_device - - C:\WINDOWS\system32\lxedcoms.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 10350 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]

Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-06-02 1082880]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]

DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}]

Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22 180224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120]

"nwiz"=nwiz.exe /installquiet []

"NDSTray.exe"=NDSTray.exe []

"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-01-11 600896]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2008-01-11 59392]

"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]

"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

"lxedmon.exe"=C:\Program Files\Lexmark S600 Series\lxedmon.exe [2010-01-18 770728]

"EzPrint"=C:\Program Files\Lexmark S600 Series\ezprint.exe [2010-01-18 139944]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe /minimized []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-03 486856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]

C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE REBOOT []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2009-06-02 24264488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]

C:\WINDOWS\system32\WDBtnMgr.exe [2007-05-22 339968]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Monitor.lnk]

C:\PROGRA~1\TOSHIBA\BLUETO~2\BtMon2.exe [2004-11-10 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WD Backup Monitor.lnk]

C:\PROGRA~1\MYBOOK~1\WDBACK~1\UBBMON~1.EXE [2006-01-22 98304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^k_roelandts^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"SPBBCSvc"=3

"SNDSrvc"=3

"ccSetMgr"=2

"ccProxy"=2

"ccISPwdSvc"=3

"ccEvtMgr"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Démarrage

Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

Logitech . Enregistrement du produit.lnk - C:\Program Files\Logitech\Ereg\eReg.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-10 240128]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=36

"NoDriveAutoRun"=0xFFFFFFFF

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=255

"HonorAutoRunSetting"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\games\Webtarot\webtarot.exe"="C:\Program Files\games\Webtarot\webtarot.exe:*:Enabled:WebTarot"

"C:\Program Files\games\need for speed\nfsc.exe"="C:\Program Files\games\need for speed\nfsc.exe:*:Disabled:nfsc"

"C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"

"C:\Program Files\games\dawn of war\W40k.exe"="C:\Program Files\games\dawn of war\W40k.exe:*:Disabled:W40K"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMuleMorphXT"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe"="C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe:*:Enabled:Pamela for Skype"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player"

"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\WINDOWS\system32\lxedcoms.exe"="C:\WINDOWS\system32\lxedcoms.exe:*:Enabled:Lexmark Communications System"

"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

======List of files/folders created in the last 1 months======

 

2010-09-26 19:20:43 ----A---- C:\WINDOWS\system32\drivers\glowhfj.sys

2010-09-26 16:32:10 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Malwarebytes

2010-09-26 16:31:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2010-09-26 16:31:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-09-26 16:31:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-09-26 16:31:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2010-09-26 15:52:23 ----ASH---- C:\hiberfil.sys

2010-09-26 15:13:24 ----D---- C:\Program Files\trend micro

2010-09-26 15:13:16 ----D---- C:\rsit

2010-09-26 14:37:40 ----D---- C:\WINDOWS\BDOSCAN8

2010-09-26 14:34:39 ----SHD---- C:\Config.Msi

2010-09-25 17:20:32 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Dev-Cpp

2010-09-25 17:20:00 ----D---- C:\Dev-Cpp

2010-09-25 17:18:28 ----D---- C:\Program Files\Dev Cpp

2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys

2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys

2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxsfs.dll

2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxafs.dll

2010-09-24 12:25:13 ----D---- C:\Documents and Settings\All Users\Application Data\DivX

2010-09-22 19:44:55 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys

2010-09-22 19:17:15 ----A---- C:\WINDOWS\system32\lxedvs.dll

2010-09-22 19:17:09 ----A---- C:\WINDOWS\system32\lxedcoin.dll

2010-09-22 19:16:55 ----A---- C:\WINDOWS\system32\lxk_gf.dll

2010-09-22 19:16:54 ----A---- C:\WINDOWS\system32\lxedgcfg.dll

2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcuir.dll

2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcui.dll

2010-09-22 19:16:35 ----A---- C:\WINDOWS\system32\wiafbdrv.dll

2010-09-22 19:15:14 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint

2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.exe

2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.dll

2010-09-22 19:11:59 ----D---- C:\Program Files\Lexmark Toolbar

2010-09-22 19:11:50 ----D---- C:\Program Files\Lexmark Fax Solutions

2010-09-22 19:11:48 ----D---- C:\Program Files\Lexmark Printable Web

2010-09-22 19:11:30 ----AH---- C:\WINDOWS\system32\lxedrwrd.ini

2010-09-22 19:11:30 ----A---- C:\WINDOWS\system32\NativeCall.dll

2010-09-22 19:11:29 ----D---- C:\Program Files\Lexmark

2010-09-22 19:11:17 ----A---- C:\WINDOWS\system32\LXEDinst.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedusb1.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedinpa.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxediesc.dll

2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\LXEDhcp.dll

2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedserv.dll

2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedpmui.dll

2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedlmpm.dll

2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedjswr.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsr.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsb.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedins.dll

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedih.exe

2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedhbn3.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedgrd.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcur.dll

2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcub.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcu.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcoms.exe

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomm.dll

2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomc.dll

2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\lxedcfg.exe

2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\LXEDcfg.dll

2010-09-22 19:10:18 ----D---- C:\Program Files\Lexmark S600 Series

2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsmr.dll

2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsm.dll

2010-09-22 12:40:59 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Leadertech

2010-09-22 12:38:45 ----D---- C:\WINDOWS\system32\logishrd

2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs\LWS

2010-09-22 12:37:06 ----D---- C:\Program Files\Fichiers communs\LogiShrd

2010-09-21 12:11:40 ----D---- C:\Program Files\Citrix

 

======List of files/folders modified in the last 1 months======

 

2010-09-28 16:24:18 ----D---- C:\Documents and Settings\k_roelandts\Application Data\vlc

2010-09-27 21:45:45 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Skype

2010-09-27 20:38:35 ----D---- C:\WINDOWS\Prefetch

2010-09-27 18:48:47 ----D---- C:\Documents and Settings\k_roelandts\Application Data\skypePM

2010-09-26 19:21:58 ----D---- C:\Program Files\AVG Anti-Spyware 7.5

2010-09-26 19:21:57 ----D---- C:\WINDOWS\system32\drivers

2010-09-26 16:52:25 ----D---- C:\WINDOWS\TEMP

2010-09-26 16:52:08 ----D---- C:\WINDOWS\Registration

2010-09-26 16:52:05 ----D---- C:\WINDOWS

2010-09-26 16:50:55 ----RSD---- C:\WINDOWS\Fonts

2010-09-26 16:50:12 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-09-26 16:31:51 ----D---- C:\Program Files

2010-09-26 15:57:17 ----D---- C:\WINDOWS\system32

2010-09-26 15:57:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-09-26 15:54:01 ----RASH---- C:\boot.ini

2010-09-26 15:54:01 ----A---- C:\WINDOWS\win.ini

2010-09-26 15:54:01 ----A---- C:\WINDOWS\system.ini

2010-09-26 15:44:50 ----AC---- C:\WINDOWS\ntbtlog.txt

2010-09-26 14:37:44 ----SD---- C:\WINDOWS\Downloaded Program Files

2010-09-26 14:37:40 ----HD---- C:\WINDOWS\inf

2010-09-26 14:37:38 ----D---- C:\WINDOWS\system32\CatRoot2

2010-09-26 14:35:42 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Pamela

2010-09-26 14:34:49 ----SHD---- C:\WINDOWS\Installer

2010-09-24 12:29:26 ----D---- C:\Program Files\Fichiers communs\DivX Shared

2010-09-24 12:29:26 ----D---- C:\Program Files\DivX

2010-09-23 19:35:54 ----D---- C:\Program Files\Mozilla Firefox

2010-09-22 19:45:01 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-09-22 19:16:41 ----D---- C:\WINDOWS\twain_32

2010-09-22 12:40:58 ----D---- C:\Program Files\Logitech

2010-09-22 12:38:19 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech

2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs

2010-09-22 12:37:45 ----D---- C:\Program Files\Common Files

2010-09-21 13:05:05 ----D---- C:\Program Files\Mozilla Thunderbird

2010-09-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe

2010-09-08 22:59:45 ----D---- C:\Program Files\JDownloader

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264]

R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-10 61056]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]

R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]

R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]

R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-03 715248]

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]

R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]

R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-12-25 21275]

R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]

R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]

R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]

R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]

R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544]

R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]

R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]

R2 UacFlt;Philips Composite Class Filter Driver; C:\WINDOWS\system32\DRIVERS\uacbflt.sys [2002-06-14 21276]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]

R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504]

R3 CompFilter;UVCCompositeFilter; C:\WINDOWS\system32\DRIVERS\lvbusflt.sys [2010-05-14 20704]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376]

R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240]

R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824]

R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448]

R3 LVUVC;Logitech HD Webcam C510(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944]

R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]

R3 qkbfiltr;Quanta HotKey Keyboard Filter Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872]

R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968]

R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]

R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]

R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712]

R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]

R4 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\AVG Anti-Spyware 7.5\guard.sys []

R4 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys []

S0 lthbbcfh;lthbbcfh; C:\WINDOWS\System32\drivers\glowhfj.sys [2010-09-26 54016]

S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332]

S3 a7fb188c;a7fb188c; C:\WINDOWS\system32\drivers\a7fb188c.sys []

S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200]

S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820]

S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]

S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]

S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys []

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-06-30 21760]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]

S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2006-01-17 15744]

S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]

S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344]

S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]

S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]

S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]

S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]

S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]

S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]

S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]

R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]

R2 lxed_device;lxed_device; C:\WINDOWS\system32\lxedcoms.exe [2010-01-07 598696]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-12 66872]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]

R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]

R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

S2 lxedCATSCustConnectService;lxedCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe [2010-01-07 98984]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-27 72704]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

************************************************************************************************************************************************************************************

 

 

There you go! About the antivirus? What do you think of G-data?

To be honest, I don't turn on my firewall, and I have never had an antivirus on this computer, but in 5-6 years I have only had 2 attacks!! (Lucky?)

Thank you

[edit] I may have made a bad move by uninstalling AVG: I also deleted the quarantined files ... Bad choice? :/

Edited by mamoussa
Posted

Good evening,

You need an antivirus and a firewall, you need to keep your system up to date, and you need to browse carefully.

GData or another one, none of them will protect you against every attack.

Download OTM by OldTimer

Save it to the Desktop.

Double-click OTM.exe to launch the tool.

Note:

Under Vista, right-click the file and choose Run as administrator.

Copy all the lines in the quote below to the clipboard with CTRL+C.

 

:files

C:\WINDOWS\system32\drivers\glowhfj.sys

C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys

 

:commands

[purity]

[emptytemp]

[EMPTYFLASH]

[zipfiles]

 

In OTM, place the cursor in the "Paste Instructions for Items to be Moved" window and press CTRL+V to paste the contents of the clipboard.

Click the MoveIt! button, the red one.

Close the tool. The PC will restart.

Post the contents of the report C:\_OTM\MovedFiles\********_******.log

The * stand for Month/Day/Year_Hour/Minutes/Seconds

See you later
