Votre question

[Résolu]Trojan dans mon PC (Virus Backdoor.Tidserv.I!inf)

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
21 Septembre 2010 19:00:27

Bonsoir à tous, mon pc a été infecté par le virus Backdoor.Tidserv.I!inf. J'ai Norton 360. Malgré plusieurs scans dont un en mode sans échec, Norton ne parvient pas à le supprimer. Le virus est situé dans C:\Windows\System32\drivers\pciide.sys.
Mon système d'exploitation est Windows Vista et mon navigateur est IE 8.
Pouvez vous m'aider à le supprimer ? Merci d'avance.

Autres pages sur : resolu trojan virus backdoor tidserv inf

21 Septembre 2010 22:35:51

Bonsoir,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici ou
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès via ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi qu' info.txt qui est dans la Barre des Tâches

NB : Ces rapports sont enregistrés dans le dossier C:\rsit

A+
22 Septembre 2010 14:52:44

Bonjour Frederix

J'ai fait l'analyse
voici le log :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Lionel at 2010-09-22 14:47:40
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 359 GB (60%) free of 598 GB
Total RAM: 3325 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:59, on 22/09/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Windows\system32\conime.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\System32\ykhad.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lionel\Desktop\RSIT.exe
C:\Program Files\trend micro\Lionel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
R3 - URLSearchHook: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O3 - Toolbar: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [cftmon] C:\Windows\system32\ykhad.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Xforefozu] rundll32.exe "C:\Users\Lionel\AppData\Local\KBDInb.dll",Startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.ap...
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 27437 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Extension de garantie-Lionel.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000UA.job
C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-3304485622-3776006356-228958792-1000.job
C:\Windows\tasks\User_Feed_Synchronization-{8C18A21F-AB66-4B65-B65B-D360A5A19B5E}.job
C:\Windows\tasks\User_Feed_Synchronization-{9248197A-5A97-4696-99F3-E6DC0CBD55F9}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-16 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-13 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]
Softonic France FF Toolbar - C:\Program Files\Softonic_France_FF\tbSof1.dll [2010-08-27 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-02 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-13 394608]
{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]
{6d6b212b-2245-4898-8b16-9a11b81ff9e1} - Softonic France FF Toolbar - C:\Program Files\Softonic_France_FF\tbSof1.dll [2010-08-27 2734688]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-24 6111232]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"ACTIVBOARD"=C:\Program Files\Packard Bell\FIJI\aboard.exe [2007-01-18 79416]
"VX3000"=C:\Windows\vVX3000.exe [2009-04-10 721936]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2009-04-10 145760]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-16 202256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]
"cftmon"=C:\Windows\system32\ykhad.exe [2010-09-16 349184]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-01 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
"Google Update"=C:\Users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe []
"Xforefozu"=C:\Users\Lionel\AppData\Local\KBDInb.dll [2009-04-11 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2008-10-10 69632]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe

C:\Users\Lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=0
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=149
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-22 14:47:44 ----D---- C:\Program Files\trend micro
2010-09-22 14:47:40 ----D---- C:\rsit
2010-09-21 18:21:14 ----D---- C:\Program Files\QuickTime
2010-09-18 19:25:24 ----ASH---- C:\hiberfil.sys
2010-09-18 16:52:47 ----A---- C:\Windows\ntbtlog.txt
2010-09-16 21:05:58 ----A---- C:\Windows\system32\ykhad.exe
2010-09-16 21:05:45 ----A---- C:\Windows\system32\winset.ini
2010-09-15 00:21:37 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 00:21:37 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 00:21:36 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 00:21:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-28 19:48:39 ----D---- C:\Program Files\Sony Media Go Install
2010-08-28 18:21:33 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2010-08-28 18:21:03 ----A---- C:\Windows\Irremote.ini
2010-08-27 18:26:57 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-08-27 18:26:57 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-08-27 18:26:51 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
2010-08-27 18:26:40 ----D---- C:\Program Files\Symantec
2010-08-27 18:26:13 ----D---- C:\Windows\system32\drivers\N360
2010-08-27 18:26:07 ----D---- C:\Program Files\Norton 360
2010-08-27 18:15:41 ----D---- C:\ProgramData\PCSettings
2010-08-27 18:14:52 ----D---- C:\ProgramData\NortonInstaller
2010-08-27 18:14:52 ----D---- C:\Program Files\NortonInstaller

======List of files/folders modified in the last 1 months======

2010-09-22 14:47:56 ----D---- C:\Windows\prefetch
2010-09-22 14:47:44 ----D---- C:\Windows\Temp
2010-09-22 14:47:44 ----D---- C:\Program Files
2010-09-22 13:53:21 ----SHD---- C:\System Volume Information
2010-09-22 10:00:35 ----D---- C:\Windows\System32
2010-09-22 10:00:35 ----D---- C:\Windows\inf
2010-09-22 10:00:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-21 18:22:19 ----SHD---- C:\Windows\Installer
2010-09-21 18:21:14 ----D---- C:\ProgramData\Apple Computer
2010-09-19 14:35:14 ----D---- C:\Users\Lionel\AppData\Roaming\Google
2010-09-19 14:30:11 ----D---- C:\ProgramData\Google
2010-09-19 13:34:24 ----D---- C:\Program Files\Google
2010-09-19 13:31:31 ----D---- C:\tmp
2010-09-19 12:56:20 ----D---- C:\Users\Lionel\AppData\Roaming\LimeWire
2010-09-19 12:56:09 ----AD---- C:\Windows\system32\drivers
2010-09-18 19:47:25 ----D---- C:\Windows\system32\wbem
2010-09-18 19:47:25 ----D---- C:\Windows
2010-09-18 19:46:22 ----D---- C:\Program Files\Common Files\Skype
2010-09-18 19:46:20 ----RSD---- C:\Windows\Media
2010-09-18 19:46:20 ----D---- C:\Windows\winsxs
2010-09-18 19:46:20 ----D---- C:\Windows\twain_32
2010-09-18 19:46:20 ----D---- C:\Windows\Tasks
2010-09-18 19:46:20 ----D---- C:\Windows\system32\Tasks
2010-09-18 19:46:20 ----D---- C:\Windows\system32\spool
2010-09-18 19:46:20 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-18 19:46:20 ----D---- C:\Windows\system32\catroot2
2010-09-18 19:45:59 ----RSD---- C:\Windows\Fonts
2010-09-18 19:45:58 ----RSD---- C:\Windows\assembly
2010-09-18 19:45:51 ----RD---- C:\Users
2010-09-18 19:45:49 ----D---- C:\ProgramData\Microsoft Help
2010-09-18 19:45:49 ----D---- C:\Program Files\Windows Mail
2010-09-18 19:45:48 ----D---- C:\Program Files\Picasa2
2010-09-18 19:45:48 ----D---- C:\Program Files\PC Connectivity Solution
2010-09-18 19:45:48 ----D---- C:\Program Files\OpenOffice.org 3
2010-09-18 19:45:47 ----D---- C:\Program Files\Microsoft Works
2010-09-18 19:45:41 ----D---- C:\Windows\registration
2010-09-18 19:32:57 ----D---- C:\Windows\Logs
2010-09-16 21:16:17 ----D---- C:\Windows\system32\config
2010-09-15 03:25:06 ----D---- C:\Windows\system32\catroot
2010-09-15 03:02:10 ----A---- C:\Windows\system32\mrt.exe
2010-09-14 00:31:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-14 00:27:37 ----SD---- C:\Users\Lionel\AppData\Roaming\Microsoft
2010-09-01 11:09:02 ----D---- C:\Users\Lionel\AppData\Roaming\Adobe
2010-08-28 19:49:23 ----D---- C:\Program Files\Common Files\Sony Shared
2010-08-28 19:19:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-28 19:17:46 ----D---- C:\Program Files\Samsung
2010-08-28 19:17:42 ----D---- C:\Program Files\Common Files\Samsung
2010-08-28 19:17:41 ----D---- C:\Users\Lionel\AppData\Roaming\Samsung
2010-08-28 19:17:41 ----D---- C:\ProgramData\Samsung
2010-08-28 19:16:34 ----D---- C:\ProgramData
2010-08-28 18:33:34 ----D---- C:\ProgramData\DivX
2010-08-28 18:32:50 ----D---- C:\Program Files\DivX
2010-08-28 18:22:46 ----A---- C:\Windows\system32\MsiExec.exe.log
2010-08-28 18:22:07 ----D---- C:\Program Files\Common Files\Nero
2010-08-28 18:22:06 ----D---- C:\ProgramData\Nero
2010-08-28 18:17:37 ----D---- C:\Program Files\Common Files
2010-08-28 18:17:13 ----D---- C:\Program Files\Reallusion
2010-08-28 18:15:51 ----D---- C:\Program Files\DVDFab 6
2010-08-28 18:15:50 ----D---- C:\Users\Lionel\AppData\Roaming\Vso
2010-08-28 18:15:50 ----A---- C:\Users\Lionel\AppData\Roaming\inst.exe
2010-08-27 19:03:09 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-08-27 18:29:31 ----D---- C:\ProgramData\Norton
2010-08-27 18:26:55 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-27 18:23:54 ----D---- C:\ProgramData\Symantec

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2008-08-26 140832]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2010-02-04 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-09-01 692272]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-08-26 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100920.001\IDSvix86.sys [2010-06-17 344112]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0402000.00C\SYMTDIV.SYS [2010-05-06 339504]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-26 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-24 2126688]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100921.003\NAVENG.SYS [2010-08-26 85424]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100921.003\NAVEX15.SYS [2010-08-26 1362608]
R3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0402000.00C\SRTSP.SYS [2010-04-22 325680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-08-27 124976]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-01-13 49160]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-09-26 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-09-26 79120]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-22 47360]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2009-04-10 1964816]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-01-13 31240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-09-11 123424]
S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-07-07 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2009-04-10 136544]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-08-17 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-27 867080]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-01 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-12-16 3453712]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Et le deuxième fichier texte :


info.txt logfile of random's system information tool 1.08 2010-09-22 14:48:02

======Uninstall list======

-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
Adobe Premiere Elements 4.0 Templates-->msiexec /I {F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
Adobe Premiere Elements 4.0 Templates-->MsiExec.exe /I{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
Adobe Premiere Elements 4.0-->msiexec /I {3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
Adobe Premiere Elements 4.0-->MsiExec.exe /I{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
AGEIA PhysX v7.03.21-->MsiExec.exe /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live ID-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
Carbonite-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Carbonite*
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
Chessmaster 10ème Edition-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E9AE9A91-AB45-4321-87BD-AD34855D944F}
Combined Community Codec Pack BETA 2009-09-19-->"C:\Program Files\Combined Community Codec Pack\unins001.exe"
Configuration DivX-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
Dofus 1.27.0-->C:\Program Files\Dofus\uninstall.exe
Dofus-->msiexec /qb /x {BCF3E8EF-5965-FDC5-6AD3-506FEE376C2B}
Dofus-->MsiExec.exe /I{BCF3E8EF-5965-FDC5-6AD3-506FEE376C2B}
Eazel-FR Toolbar-->C:\PROGRA~1\Eazel-FR\UNWISE.EXE /U C:\PROGRA~1\Eazel-FR\INSTALL.LOG
Empire Earth III-->C:\Program Files\InstallShield Installation Information\{B17E235C-7A3B-4482-B650-21FFDE1D452E}\setup.exe -runfromtemp -l0x040c -removeonly
eMule-->"C:\Program Files\eMule\Uninstall.exe"
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
ffdshow v1.1.3476 [2010-06-15]-->"C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\unins000.exe"
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
FormatFactory 2.50-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
FreeCompressor-->MsiExec.exe /X{8CA0170E-6E9E-43A5-AE1F-85A82820B847}
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth Plug-in-->MsiExec.exe /X{171E6C1E-B5FC-11DF-B115-005056C00008}
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
Google SketchUp 8-->MsiExec.exe /X{06BF1B44-DF6B-4EC8-BE2B-825CB989DDCC}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop_XX*
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
GTR Evolution-->"C:\Program Files\SimBin\GTR Evolution Offline\Uninstall\unins000.exe"
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hercules WiFi Station for Livebox-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Keyboard FIJI-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FIJI*
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
La Bataille pour la Terre du Milieu™ II-->C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\EAUninstall.exe
L'Avènement du Roi-sorcier™-->C:\Program Files\Electronic Arts\L'Avènement du Roi-sorcier\EAUninstall.exe
LimeWire 5.5.13-->"C:\Program Files\LimeWire\uninstall.exe"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Logitech Gaming Software 5.04-->MsiExec.exe /X{768F22DC-2D20-4F52-A9A1-5E231FB7F752}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l1036 -removeonly
Media Go Video Playback Engine 1.32.116.05250-->MsiExec.exe /X{DF181652-D4F9-7D64-AED8-57D31E8D0410}
Media Go-->MsiExec.exe /X{5C318BD3-BA72-43E4-9D16-A18210B4A5A5}
Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Corporation-->MsiExec.exe /I{7B08D306-7266-4647-A926-2F78817ED1E0}
Microsoft LifeCam-->MsiExec.exe /X{1FA01817-67F4-4547-B30E-86B1B3D9AB84}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Contenus similaires
22 Septembre 2010 19:25:44

Bonjour, voilà le rapport :


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4672

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

22/09/2010 19:21:29
mbam-log-2010-09-22 (19-21-29).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 154356
Temps écoulé: 6 minute(s), 29 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Users\Lionel\AppData\Local\KBDInb.dll (Trojan.Hiloti) -> No action taken.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xforefozu (Trojan.Hiloti) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Lionel\AppData\Local\KBDInb.dll (Trojan.Hiloti) -> No action taken.
C:\Windows\System32\winset.ini (Malware.Trace) -> No action taken.
22 Septembre 2010 23:47:57

Bonsoir,

le rapport MBAM indique Aucune action entreprise
Refais la manip' avec et supprime tout ce qu' il trouve...

;) 

A+



23 Septembre 2010 17:14:41

Bonjour voici le nouveau log :


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4672

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

23/09/2010 17:05:24
mbam-log-2010-09-23 (17-05-24).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 154425
Temps écoulé: 5 minute(s), 14 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Users\Lionel\AppData\Local\KBDInb.dll (Trojan.Hiloti) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xforefozu (Trojan.Hiloti) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Lionel\AppData\Local\KBDInb.dll (Trojan.Hiloti) -> Delete on reboot.
C:\Windows\System32\winset.ini (Malware.Trace) -> Quarantined and deleted successfully.
24 Septembre 2010 07:42:28

Bonjour,

télécharge UsbFix (merci El Desaparecido) : Ici

# Connecte tous tes périphériques externes (clé Usb, disque dur...), sans les ouvrir
# Double-clique sur le raccourci présent sur le Bureau
# Choisis l' option 1 (Recherche) et laisse-le travailler
# Poste le rapport (également sauvegardé à la racine de C)

process.exe est détecté par certains antivirus (AntiVir, Dr. Web, Kaspersky Anti-Virus...) comme étant un RiskTool. Il ne s' agit pas d' un virus, mais d' un utilitaire destiné à mettre fin des processus. Mis entre de mauvaises mains il pourrait arrêter des logiciels de sécurité (antivirus, firewall...), d' où l' alerte émise.

A+
24 Septembre 2010 18:20:24

Bonjour,

Voici le rapport de UsbFix :


############################## | UsbFix 7.025 | [Recherche]

Utilisateur: Lionel (Administrateur) # PC-DE-LIONEL [PACKARD BELL BV IMEDIA X2802]
Mis à jour le 15/09/10 par El Desaparecido / C_XX
Lancé à 18:16:01 | 24/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18943

Pare-feu Windows: Désactivé /!\
RAM -> 3325 Mo
C:\ (%systemdrive%) -> Disque fixe # 584 Go (343 Go libre(s) - 59%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 931 Go (707 Go libre(s) - 76%) [My Book] # NTFS

################## | Éléments infectieux |


Présent! E:\Autorun.inf
Présent! C:\tmp

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{271a72d7-482d-11df-821b-002268045c32}
Shell\AutoRun\Command = M:\PMBP_Win.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{844a3fb7-5e07-11df-84d3-002268045c32}
Shell\AutoRun\Command = ISTINE///mnekada.exe
Shell\open\Command = ISTINE///mnekada.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{dde85e2f-6b0c-11df-b3be-002268045c32}
Shell\AutoRun\Command = J:\installer.exe
Shell\verb\Command = J:\installer.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fe80e5da-e7cf-11de-9564-002268045c32}
Shell\AutoRun\Command = "E:\WD SmartWare.exe" autoplay=true


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
24 Septembre 2010 23:43:25

Bonsoir,

# Connecte tous tes périphériques externes, sans les ouvrir
# Double-clique sur le raccourci d' UsbFix
# Choisis l' option 2 (Suppression)
# Ton bureau va disparaître et le pc redémarrer
# Laisse-le travailler
# Poste le rapport

A+
25 Septembre 2010 10:53:57

Bonjour,

Voici le rapport après suppression :


############################## | UsbFix 7.025 | [Suppression]

Utilisateur: Lionel (Administrateur) # PC-DE-LIONEL [PACKARD BELL BV IMEDIA X2802]
Mis à jour le 15/09/10 par El Desaparecido / C_XX
Lancé à 10:42:04 | 25/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18943

Pare-feu Windows: Désactivé /!\
RAM -> 3325 Mo
C:\ (%systemdrive%) -> Disque fixe # 584 Go (350 Go libre(s) - 60%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 931 Go (707 Go libre(s) - 76%) [My Book] # NTFS

################## | Éléments infectieux |


Non supprimé ! E:\Autorun.inf
Supprimé! C:\tmp

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{271a72d7-482d-11df-821b-002268045c32}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{844a3fb7-5e07-11df-84d3-002268045c32}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{dde85e2f-6b0c-11df-b3be-002268045c32}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{fe80e5da-e7cf-11de-9564-002268045c32}

################## | Listing |

[14/10/2009 - 18:53:30 | SHD ] C:\$Recycle.Bin
[19/08/2010 - 19:05:21 | A | 2006] C:\aqua_bitmap.cpp
[18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat
[03/06/2009 - 14:31:17 | ASHD ] C:\boot
[11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
[29/05/2009 - 00:25:17 | RAS | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[28/08/2010 - 19:49:53 | A | 1212] C:\debug.log
[20/11/2009 - 19:12:13 | D ] C:\divx
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[28/06/2010 - 09:49:39 | D ] C:\Downloads
[29/05/2009 - 00:20:41 | D ] C:\drivers
[23/09/2010 - 17:07:43 | ASH | 3487780864] C:\hiberfil.sys
[04/03/2010 - 19:31:15 | A | 230424] C:\img2-001.raw
[28/05/2009 - 15:15:48 | RHD ] C:\MSOCache
[23/09/2010 - 17:07:42 | ASH | 3801432064] C:\pagefile.sys
[29/05/2010 - 12:39:19 | D ] C:\PerfLogs
[17/05/2008 - 16:04:42 | D ] C:\Pokédex Offline 2.0.3 avec images
[22/09/2010 - 17:48:12 | D ] C:\Program Files
[22/09/2010 - 17:48:13 | D ] C:\ProgramData
[14/01/2010 - 20:08:12 | D ] C:\Python26
[22/09/2010 - 14:48:02 | D ] C:\rsit
[24/09/2010 - 20:32:33 | SHD ] C:\System Volume Information
[05/10/2009 - 07:08:57 | A | 909] C:\updatedatfix.log
[25/09/2010 - 10:46:15 | D ] C:\UsbFix
[25/09/2010 - 10:42:13 | A | 2951] C:\UsbFix.txt
[18/09/2010 - 19:45:51 | RD ] C:\Users
[18/09/2010 - 19:47:25 | D ] C:\Windows
[18/06/2009 - 23:12:18 | A | 88] E:\autorun.inf
[19/08/2009 - 02:51:48 | AD ] E:\Extras
[17/08/2009 - 19:51:08 | A | 3669504] E:\Unlock.exe
[18/08/2009 - 01:32:18 | AD ] E:\User Manuals
[18/08/2009 - 01:34:40 | AD ] E:\WD SmartWare
[17/08/2009 - 19:53:00 | A | 2770432] E:\WD SmartWare.exe
[18/06/2009 - 19:06:22 | A | 695] E:\What is this.html
[13/12/2009 - 21:36:11 | SHD ] F:\$RECYCLE.BIN
[23/09/2010 - 17:09:26 | SHD ] F:\System Volume Information
[13/12/2009 - 16:12:22 | SD ] F:\WD_SmartWare

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-LIONEL.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Merci de votre contribution.

################## | E.O.F |

P.S.: J'ai envoyé l'upload en .zip sur le site d'UsbFix
25 Septembre 2010 14:22:42

Bonjour,

voici le rapport de bitdefender :

BitDefender Online Scanner





Rapport d'analyse g�n�r� �: Sat, Sep 25, 2010 - 14:10:31







Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;K:\;











Statistiques

Temps

00:33:05

Fichiers

165640

Directoires

38648

Secteurs de boot

0

Archives

2220

Paquets programmes

15364





R�sultats

Virus identifi�s

1

Fichiers infect�s

1

Fichiers suspects

0

Avertissements

0

D�sinfect�s

0

Fichiers effac�s

0





Info sur les moteurs

D�finition virus

6461169

Version des moteurs

AVCORE v2.1 Windows/i386 11.0.0.33 (Jun 18 2010)

Analyse des plugins

18

Archive des plugins

44

Unpack des plugins

10

E-mail plugins

6

Syst�me plugins

4





Param�tres d'analyse

Premi�re action

Désinfecté

Seconde Action

Supprimés

Heuristique

Oui

Acceptez les avertissements

Oui

Extensions analys�es

exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions



Analyse d'emails

Oui

Analyse des Archives

Oui

Analyser paquets programmes

Oui

Analyse des fichiers

Oui

Analyse de boot

Oui






Fichier analys�

Statut

C:\Windows\System32\drivers\pciide.sys

Infecté par: Rootkit.Patched.TDSS.Gen

C:\Windows\System32\drivers\pciide.sys

Echec de la désinfection

C:\Windows\System32\drivers\pciide.sys

Echec de la suppression















25 Septembre 2010 14:47:37

Re,

télécharge TDSSKiller depuis ce lien : Ici

- Extrais de l' archive téléchargée le fichier TDSSKiller.exe et place-le sur le Bureau
- Fais un double-clic dessus pour le lancer

L' écran s' affiche :


- Clique sur Start scan pour lancer l' analyse
- Lorsque l' outil a terminé son travail et que
des nuisibles auront été trouvés,
vérifie que l' option est sélectionnée
puis clique sur les boutons et
- Poste le rapport (contenu du fichier SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)

Ps : Merci nickW
25 Septembre 2010 15:17:53

Bonjour,

Voici le rapport de TDSSKiller :


2010/09/25 15:08:53.0881 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2010/09/25 15:08:53.0881 ================================================================================
2010/09/25 15:08:53.0881 SystemInfo:
2010/09/25 15:08:53.0881
2010/09/25 15:08:53.0881 OS Version: 6.0.6002 ServicePack: 2.0
2010/09/25 15:08:53.0881 Product type: Workstation
2010/09/25 15:08:53.0881 ComputerName: PC-DE-LIONEL
2010/09/25 15:08:53.0881 UserName: Lionel
2010/09/25 15:08:53.0881 Windows directory: C:\Windows
2010/09/25 15:08:53.0881 System windows directory: C:\Windows
2010/09/25 15:08:53.0881 Processor architecture: Intel x86
2010/09/25 15:08:53.0881 Number of processors: 4
2010/09/25 15:08:53.0881 Page size: 0x1000
2010/09/25 15:08:53.0881 Boot type: Normal boot
2010/09/25 15:08:53.0881 ================================================================================
2010/09/25 15:08:54.0333 Initialize success
2010/09/25 15:09:07.0531 ================================================================================
2010/09/25 15:09:07.0531 Scan started
2010/09/25 15:09:07.0531 Mode: Manual;
2010/09/25 15:09:07.0531 ================================================================================
2010/09/25 15:09:08.0280 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/09/25 15:09:08.0327 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/09/25 15:09:08.0389 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/09/25 15:09:08.0451 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/09/25 15:09:08.0467 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/09/25 15:09:08.0545 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/09/25 15:09:08.0607 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/09/25 15:09:08.0857 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/09/25 15:09:08.0888 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/09/25 15:09:08.0919 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/09/25 15:09:08.0951 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/09/25 15:09:08.0966 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/09/25 15:09:08.0997 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/09/25 15:09:09.0029 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/09/25 15:09:09.0044 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/09/25 15:09:09.0075 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/09/25 15:09:09.0138 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/09/25 15:09:09.0169 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/09/25 15:09:09.0356 BHDrvx86 (5138da8715da5f9823b753b6cb36a9a9) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100901.003\BHDrvx86.sys
2010/09/25 15:09:09.0481 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/09/25 15:09:09.0497 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/09/25 15:09:09.0543 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/09/25 15:09:09.0559 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/09/25 15:09:09.0590 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/09/25 15:09:09.0621 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/09/25 15:09:09.0637 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/09/25 15:09:09.0653 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/09/25 15:09:09.0684 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/09/25 15:09:09.0746 ccHP (e941e709847fa00e0dd6d58d2b8fb5e1) C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys
2010/09/25 15:09:09.0824 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/09/25 15:09:09.0855 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/09/25 15:09:09.0902 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/09/25 15:09:09.0933 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/09/25 15:09:09.0980 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/09/25 15:09:09.0996 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
2010/09/25 15:09:10.0027 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/09/25 15:09:10.0043 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/09/25 15:09:10.0136 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/09/25 15:09:10.0214 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/09/25 15:09:10.0277 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2010/09/25 15:09:10.0323 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2010/09/25 15:09:10.0370 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2010/09/25 15:09:10.0448 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/09/25 15:09:10.0526 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/09/25 15:09:10.0589 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/09/25 15:09:10.0651 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/09/25 15:09:10.0745 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2010/09/25 15:09:10.0838 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/09/25 15:09:10.0869 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/09/25 15:09:10.0932 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2010/09/25 15:09:10.0994 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/09/25 15:09:11.0041 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/09/25 15:09:11.0088 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/09/25 15:09:11.0150 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/09/25 15:09:11.0166 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/09/25 15:09:11.0197 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/09/25 15:09:11.0228 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/09/25 15:09:11.0275 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS
2010/09/25 15:09:11.0322 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/09/25 15:09:11.0353 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/09/25 15:09:11.0384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/09/25 15:09:11.0525 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/09/25 15:09:11.0587 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/09/25 15:09:11.0618 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/09/25 15:09:11.0774 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/09/25 15:09:11.0821 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/09/25 15:09:11.0883 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2010/09/25 15:09:11.0946 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/09/25 15:09:12.0008 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/09/25 15:09:12.0039 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/09/25 15:09:12.0211 IDSVix86 (2edd3504457691a10328079da011d0b8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100924.001\IDSvix86.sys
2010/09/25 15:09:12.0289 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/09/25 15:09:12.0367 IntcAzAudAddService (2deb2538c9372568bb67b5fdf2359790) C:\Windows\system32\drivers\RTKVHDA.sys
2010/09/25 15:09:12.0445 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2010/09/25 15:09:12.0476 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/09/25 15:09:12.0507 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/09/25 15:09:12.0554 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/09/25 15:09:12.0585 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/09/25 15:09:12.0617 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/09/25 15:09:12.0632 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/09/25 15:09:12.0679 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/09/25 15:09:12.0710 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/09/25 15:09:12.0757 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/09/25 15:09:12.0773 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/09/25 15:09:12.0835 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/09/25 15:09:12.0975 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/09/25 15:09:13.0022 L8042Kbd (dc61f15187372d164769c841655e58f3) C:\Windows\system32\DRIVERS\L8042Kbd.sys
2010/09/25 15:09:13.0069 L8042mou (cb6e007d3a67cb80ee9df2afd4b0fc9d) C:\Windows\system32\DRIVERS\L8042mou.Sys
2010/09/25 15:09:13.0131 LHidFilt (dd83dc92463fce6324fd30a13d17d0da) C:\Windows\system32\DRIVERS\LHidFilt.Sys
2010/09/25 15:09:13.0194 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/09/25 15:09:13.0225 LMouFilt (8fe0008e183ff0293a925b78a5581c5f) C:\Windows\system32\DRIVERS\LMouFilt.Sys
2010/09/25 15:09:13.0272 LMouKE (58597a99792461e89bb5c44e17508d70) C:\Windows\system32\DRIVERS\LMouKE.Sys
2010/09/25 15:09:13.0303 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/09/25 15:09:13.0334 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/09/25 15:09:13.0350 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/09/25 15:09:13.0381 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/09/25 15:09:13.0412 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/09/25 15:09:13.0443 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/09/25 15:09:13.0490 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/09/25 15:09:13.0521 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/09/25 15:09:13.0553 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/09/25 15:09:13.0568 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/09/25 15:09:13.0599 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/09/25 15:09:13.0646 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/09/25 15:09:13.0677 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/09/25 15:09:13.0709 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/09/25 15:09:13.0724 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/09/25 15:09:13.0755 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/09/25 15:09:13.0787 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/09/25 15:09:13.0818 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/09/25 15:09:13.0833 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2010/09/25 15:09:13.0880 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/09/25 15:09:13.0911 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/09/25 15:09:13.0958 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/09/25 15:09:13.0989 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/09/25 15:09:14.0036 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/09/25 15:09:14.0052 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/09/25 15:09:14.0083 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/09/25 15:09:14.0114 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/09/25 15:09:14.0145 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/09/25 15:09:14.0161 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/09/25 15:09:14.0223 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/09/25 15:09:14.0411 NAVENG (0953bb24c1e70a99c315f44f15993c17) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100924.040\NAVENG.SYS
2010/09/25 15:09:14.0785 NAVEX15 (3ddb0bef60b65df6b110c23e17cd67dc) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100924.040\NAVEX15.SYS
2010/09/25 15:09:14.0925 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/09/25 15:09:14.0957 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/09/25 15:09:14.0988 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/09/25 15:09:15.0019 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/09/25 15:09:15.0066 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/09/25 15:09:15.0113 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/09/25 15:09:15.0144 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/09/25 15:09:15.0222 netr73 (757f999aa72b55780ee810d4cd1bdd47) C:\Windows\system32\DRIVERS\netr73.sys
2010/09/25 15:09:15.0284 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/09/25 15:09:15.0331 npf (b9730495e0cf674680121e34bd95a73b) C:\Windows\system32\drivers\npf.sys
2010/09/25 15:09:15.0378 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/09/25 15:09:15.0425 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/09/25 15:09:15.0487 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/09/25 15:09:15.0518 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/09/25 15:09:15.0549 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/09/25 15:09:15.0596 NVENETFD (b896fb556b4dc1e1d2943559ea79c5c5) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2010/09/25 15:09:15.0752 nvlddmkm (0a19680ca54d262534f8a2f4cf79e271) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/09/25 15:09:15.0908 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/09/25 15:09:15.0939 nvrd32 (f2abab0c99237ce4e97478af2e0438a0) C:\Windows\system32\drivers\nvrd32.sys
2010/09/25 15:09:15.0986 nvsmu (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\drivers\nvsmu.sys
2010/09/25 15:09:16.0033 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/09/25 15:09:16.0095 nvstor32 (3fce358f5845ccbaa2e877cc74a5c729) C:\Windows\system32\drivers\nvstor32.sys
2010/09/25 15:09:16.0111 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/09/25 15:09:16.0189 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/09/25 15:09:16.0251 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/09/25 15:09:16.0298 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/09/25 15:09:16.0314 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/09/25 15:09:16.0361 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2010/09/25 15:09:16.0392 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/09/25 15:09:16.0423 pciide (588e4efbc03695a9e5d753dcd579bf66) C:\Windows\system32\drivers\pciide.sys
2010/09/25 15:09:16.0423 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: 588e4efbc03695a9e5d753dcd579bf66
2010/09/25 15:09:16.0439 pciide - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/25 15:09:16.0454 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/09/25 15:09:16.0485 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2010/09/25 15:09:16.0548 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/09/25 15:09:16.0657 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/09/25 15:09:16.0719 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/09/25 15:09:16.0829 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/09/25 15:09:16.0860 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2010/09/25 15:09:16.0907 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/09/25 15:09:16.0938 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/09/25 15:09:16.0969 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/09/25 15:09:16.0985 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/09/25 15:09:17.0016 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/09/25 15:09:17.0047 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/09/25 15:09:17.0094 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/09/25 15:09:17.0141 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/09/25 15:09:17.0172 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/09/25 15:09:17.0203 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/09/25 15:09:17.0219 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/09/25 15:09:17.0265 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/09/25 15:09:17.0297 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/09/25 15:09:17.0328 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/09/25 15:09:17.0390 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/09/25 15:09:17.0421 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/09/25 15:09:17.0468 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/09/25 15:09:17.0499 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/09/25 15:09:17.0546 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2010/09/25 15:09:17.0577 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/09/25 15:09:17.0593 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2010/09/25 15:09:17.0624 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/09/25 15:09:17.0655 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/09/25 15:09:17.0671 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/09/25 15:09:17.0718 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/09/25 15:09:17.0765 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/09/25 15:09:17.0827 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/09/25 15:09:17.0952 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS
2010/09/25 15:09:18.0014 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS
2010/09/25 15:09:18.0077 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys
2010/09/25 15:09:18.0139 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys
2010/09/25 15:09:18.0170 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/09/25 15:09:18.0217 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
2010/09/25 15:09:18.0279 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
2010/09/25 15:09:18.0342 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
2010/09/25 15:09:18.0389 ss_bserd (994d2e5378cc337ec7dd73c1e04fcaa4) C:\Windows\system32\DRIVERS\ss_bserd.sys
2010/09/25 15:09:18.0451 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/09/25 15:09:18.0482 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/09/25 15:09:18.0513 SymDS (56890bf9d9204b93042089d4b45ae671) C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS
2010/09/25 15:09:18.0560 SymEFA (1c91df5188150510a6f0cf78f7d94b69) C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS
2010/09/25 15:09:18.0623 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/09/25 15:09:18.0669 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS
2010/09/25 15:09:18.0732 SYMTDIv (bf610335eda8d9026e45b4ac73d0de58) C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
2010/09/25 15:09:18.0779 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/09/25 15:09:18.0810 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/09/25 15:09:18.0872 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/09/25 15:09:18.0919 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/09/25 15:09:18.0997 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/09/25 15:09:19.0044 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/09/25 15:09:19.0059 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/09/25 15:09:19.0091 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/09/25 15:09:19.0122 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/09/25 15:09:19.0215 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/09/25 15:09:19.0262 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/09/25 15:09:19.0325 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/09/25 15:09:19.0371 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/09/25 15:09:19.0403 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/09/25 15:09:19.0434 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/09/25 15:09:19.0465 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/09/25 15:09:19.0496 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/09/25 15:09:19.0527 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/09/25 15:09:19.0559 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2010/09/25 15:09:19.0605 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/09/25 15:09:19.0652 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/09/25 15:09:19.0683 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/09/25 15:09:19.0746 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/09/25 15:09:19.0761 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2010/09/25 15:09:19.0824 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2010/09/25 15:09:19.0871 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2010/09/25 15:09:19.0886 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/09/25 15:09:19.0917 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/09/25 15:09:19.0964 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/09/25 15:09:20.0011 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/09/25 15:09:20.0042 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/09/25 15:09:20.0058 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/09/25 15:09:20.0089 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/09/25 15:09:20.0120 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/09/25 15:09:20.0151 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/09/25 15:09:20.0183 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/09/25 15:09:20.0198 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/09/25 15:09:20.0276 VX3000 (3d96ef51524e99680e89929e953a5495) C:\Windows\system32\DRIVERS\VX3000.sys
2010/09/25 15:09:20.0370 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/09/25 15:09:20.0401 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/25 15:09:20.0417 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/25 15:09:20.0448 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/09/25 15:09:20.0479 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
2010/09/25 15:09:20.0541 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/09/25 15:09:20.0682 WmBEnum (59c90bc8317bd3f6e5559a4deaf35090) C:\Windows\system32\drivers\WmBEnum.sys
2010/09/25 15:09:20.0729 WmFilter (999a4539ad634a741afd357e290bd461) C:\Windows\system32\drivers\WmFilter.sys
2010/09/25 15:09:20.0760 WmHidLo (a24be0cf44cd82c5c4eabf1a1f891d4d) C:\Windows\system32\drivers\WmHidLo.sys
2010/09/25 15:09:20.0853 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/09/25 15:09:20.0947 WmVirHid (0b8c64b13776f17537f0705fe62799c6) C:\Windows\system32\drivers\WmVirHid.sys
2010/09/25 15:09:20.0978 WmXlCore (8d388aeb1a12c1192aa9b4ebceabcba6) C:\Windows\system32\drivers\WmXlCore.sys
2010/09/25 15:09:21.0041 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/09/25 15:09:21.0072 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/09/25 15:09:21.0134 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\Windows\system32\DRIVERS\xusb21.sys
2010/09/25 15:09:21.0197 ================================================================================
2010/09/25 15:09:21.0197 Scan finished
2010/09/25 15:09:21.0197 ================================================================================
2010/09/25 15:09:21.0212 Detected object count: 1
2010/09/25 15:09:36.0157 pciide (588e4efbc03695a9e5d753dcd579bf66) C:\Windows\system32\drivers\pciide.sys
2010/09/25 15:09:36.0157 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: 588e4efbc03695a9e5d753dcd579bf66
2010/09/25 15:09:37.0202 Backup copy found, using it..
2010/09/25 15:09:37.0311 C:\Windows\system32\drivers\pciide.sys - will be cured after reboot
2010/09/25 15:09:37.0311 Rootkit.Win32.TDSS.tdl3(pciide) - User select action: Cure
2010/09/25 15:09:43.0380 Deinitialize success
26 Septembre 2010 00:23:40

Bonsoir,

poste un nouveau rapport RSIT.

:whistle: 

A+
26 Septembre 2010 13:09:34

Bonjour,

Voici le nouveau rapport RSIT :


Logfile of random's system information tool 1.08 (written by random/random)
Run by Lionel at 2010-09-26 13:08:08
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 357 GB (60%) free of 598 GB
Total RAM: 3325 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:08:39, on 26/09/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Windows\vVX3000.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lionel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lionel\Desktop\RSIT.exe
C:\Program Files\trend micro\Lionel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
R3 - URLSearchHook: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O3 - Toolbar: Softonic France FF Toolbar - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - C:\Program Files\Softonic_France_FF\tbSof1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [cftmon] C:\Windows\system32\hgcheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.ap...
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sourc...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 27105 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Extension de garantie-Lionel.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{8C18A21F-AB66-4B65-B65B-D360A5A19B5E}.job
C:\Windows\tasks\User_Feed_Synchronization-{9248197A-5A97-4696-99F3-E6DC0CBD55F9}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-16 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]
Softonic France FF Toolbar - C:\Program Files\Softonic_France_FF\tbSof1.dll [2010-08-27 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-02 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]
{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]
{6d6b212b-2245-4898-8b16-9a11b81ff9e1} - Softonic France FF Toolbar - C:\Program Files\Softonic_France_FF\tbSof1.dll [2010-08-27 2734688]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-24 6111232]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"ACTIVBOARD"=C:\Program Files\Packard Bell\FIJI\aboard.exe [2007-01-18 79416]
"VX3000"=C:\Windows\vVX3000.exe [2009-04-10 721936]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2009-04-10 145760]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-16 202256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]
"cftmon"=C:\Windows\system32\hgcheck.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-01 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
"Google Update"=C:\Users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2008-10-10 69632]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe

C:\Users\Lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-25 15:47:22 ----D---- C:\Program Files\logiciels d'analyse anti-virus
2010-09-25 15:08:53 ----A---- C:\TDSSKiller.2.4.2.1_25.09.2010_15.08.53_log.txt
2010-09-25 13:31:34 ----D---- C:\Windows\BDOSCAN8
2010-09-25 13:21:02 ----A---- C:\Windows\system32\winset.ini
2010-09-25 10:46:18 ----RASHD---- C:\Autorun.inf
2010-09-24 18:16:01 ----A---- C:\UsbFix.txt
2010-09-24 18:10:02 ----D---- C:\UsbFix
2010-09-22 17:48:22 ----D---- C:\Users\Lionel\AppData\Roaming\Malwarebytes
2010-09-22 17:48:14 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-22 17:48:13 ----D---- C:\ProgramData\Malwarebytes
2010-09-22 17:48:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-22 17:48:12 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-22 14:47:44 ----D---- C:\Program Files\trend micro
2010-09-22 14:47:40 ----D---- C:\rsit
2010-09-21 18:21:14 ----D---- C:\Program Files\QuickTime
2010-09-18 19:25:24 ----ASH---- C:\hiberfil.sys
2010-09-18 16:52:47 ----A---- C:\Windows\ntbtlog.txt
2010-09-16 21:05:58 ----A---- C:\Windows\system32\ykhad.exe
2010-09-15 00:21:37 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 00:21:37 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 00:21:36 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 00:21:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-28 19:48:39 ----D---- C:\Program Files\Sony Media Go Install
2010-08-28 18:21:33 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2010-08-28 18:21:03 ----A---- C:\Windows\Irremote.ini
2010-08-27 18:26:57 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-08-27 18:26:57 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-08-27 18:26:51 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
2010-08-27 18:26:40 ----D---- C:\Program Files\Symantec
2010-08-27 18:26:13 ----D---- C:\Windows\system32\drivers\N360
2010-08-27 18:26:07 ----D---- C:\Program Files\Norton 360
2010-08-27 18:15:41 ----D---- C:\ProgramData\PCSettings
2010-08-27 18:14:52 ----D---- C:\ProgramData\NortonInstaller
2010-08-27 18:14:52 ----D---- C:\Program Files\NortonInstaller

======List of files/folders modified in the last 1 months======

2010-09-26 13:08:20 ----D---- C:\Windows\prefetch
2010-09-25 18:42:27 ----D---- C:\Windows\System32
2010-09-25 18:42:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-25 18:42:26 ----D---- C:\Windows\inf
2010-09-25 15:54:40 ----D---- C:\Windows\system32\Tasks
2010-09-25 15:47:47 ----D---- C:\Program Files
2010-09-25 15:15:41 ----D---- C:\Windows\Temp
2010-09-25 15:12:52 ----D---- C:\Users\Lionel\AppData\Roaming\LimeWire
2010-09-25 15:10:59 ----AD---- C:\Windows\system32\drivers
2010-09-25 15:10:56 ----SHD---- C:\System Volume Information
2010-09-25 13:31:36 ----SD---- C:\Windows\Downloaded Program Files
2010-09-25 13:31:34 ----D---- C:\Windows
2010-09-25 10:51:18 ----D---- C:\Program Files\Mozilla Firefox
2010-09-23 17:07:27 ----D---- C:\Windows\Branding
2010-09-23 17:06:39 ----D---- C:\Windows\system32\catroot2
2010-09-22 17:48:13 ----D---- C:\ProgramData
2010-09-21 18:22:19 ----SHD---- C:\Windows\Installer
2010-09-21 18:21:14 ----D---- C:\ProgramData\Apple Computer
2010-09-19 14:35:14 ----D---- C:\Users\Lionel\AppData\Roaming\Google
2010-09-19 14:30:11 ----D---- C:\ProgramData\Google
2010-09-19 13:34:24 ----D---- C:\Program Files\Google
2010-09-18 19:47:25 ----D---- C:\Windows\system32\wbem
2010-09-18 19:46:22 ----D---- C:\Program Files\Common Files\Skype
2010-09-18 19:46:20 ----RSD---- C:\Windows\Media
2010-09-18 19:46:20 ----D---- C:\Windows\winsxs
2010-09-18 19:46:20 ----D---- C:\Windows\twain_32
2010-09-18 19:46:20 ----D---- C:\Windows\Tasks
2010-09-18 19:46:20 ----D---- C:\Windows\system32\spool
2010-09-18 19:46:20 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-18 19:45:59 ----RSD---- C:\Windows\Fonts
2010-09-18 19:45:58 ----RSD---- C:\Windows\assembly
2010-09-18 19:45:51 ----RD---- C:\Users
2010-09-18 19:45:49 ----D---- C:\ProgramData\Microsoft Help
2010-09-18 19:45:49 ----D---- C:\Program Files\Windows Mail
2010-09-18 19:45:48 ----D---- C:\Program Files\Picasa2
2010-09-18 19:45:48 ----D---- C:\Program Files\PC Connectivity Solution
2010-09-18 19:45:48 ----D---- C:\Program Files\OpenOffice.org 3
2010-09-18 19:45:47 ----D---- C:\Program Files\Microsoft Works
2010-09-18 19:45:41 ----D---- C:\Windows\registration
2010-09-18 19:32:57 ----D---- C:\Windows\Logs
2010-09-16 21:16:17 ----D---- C:\Windows\system32\config
2010-09-15 03:25:06 ----D---- C:\Windows\system32\catroot
2010-09-15 03:02:10 ----A---- C:\Windows\system32\mrt.exe
2010-09-14 00:31:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-14 00:27:37 ----SD---- C:\Users\Lionel\AppData\Roaming\Microsoft
2010-09-01 11:09:02 ----D---- C:\Users\Lionel\AppData\Roaming\Adobe
2010-08-28 19:49:23 ----D---- C:\Program Files\Common Files\Sony Shared
2010-08-28 19:19:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-28 19:17:46 ----D---- C:\Program Files\Samsung
2010-08-28 19:17:42 ----D---- C:\Program Files\Common Files\Samsung
2010-08-28 19:17:41 ----D---- C:\Users\Lionel\AppData\Roaming\Samsung
2010-08-28 19:17:41 ----D---- C:\ProgramData\Samsung
2010-08-28 18:33:34 ----D---- C:\ProgramData\DivX
2010-08-28 18:32:50 ----D---- C:\Program Files\DivX
2010-08-28 18:22:46 ----A---- C:\Windows\system32\MsiExec.exe.log
2010-08-28 18:22:07 ----D---- C:\Program Files\Common Files\Nero
2010-08-28 18:22:06 ----D---- C:\ProgramData\Nero
2010-08-28 18:17:37 ----D---- C:\Program Files\Common Files
2010-08-28 18:17:13 ----D---- C:\Program Files\Reallusion
2010-08-28 18:15:51 ----D---- C:\Program Files\DVDFab 6
2010-08-28 18:15:50 ----D---- C:\Users\Lionel\AppData\Roaming\Vso
2010-08-28 18:15:50 ----A---- C:\Users\Lionel\AppData\Roaming\inst.exe
2010-08-27 19:03:09 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-08-27 18:29:31 ----D---- C:\ProgramData\Norton
2010-08-27 18:26:55 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-27 18:23:54 ----D---- C:\ProgramData\Symantec

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2008-08-26 140832]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2010-02-04 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-09-01 692272]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-08-26 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100924.001\IDSvix86.sys [2010-06-17 344112]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS [2010-04-22 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-26 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-24 2126688]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100925.003\NAVENG.SYS [2010-08-26 85424]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100925.003\NAVEX15.SYS [2010-08-26 1362608]
R3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-08-27 124976]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-01-13 49160]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-09-26 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-09-26 79120]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-22 47360]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2009-04-10 1964816]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-01-13 31240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2007-02-27 61984]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-09-11 123424]
S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-07-07 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2009-04-10 136544]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-08-17 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-27 867080]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-01 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-12-16 3453712]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
26 Septembre 2010 13:22:57

Bonjour,

fais la manip' de ComboFix (merci sUBs) et poste le rapport : Ici

A+
26 Septembre 2010 14:42:56

Bonjour,

Voici le rapport de ComboFix :


ComboFix 10-09-25.07 - Lionel 26/09/2010 14:27:55.1.4 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.2081 [GMT 2:00]
Lancé depuis: c:\users\Lionel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet 3\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet 3\perf.ini
c:\program files\FlashGet Network\FlashGet 3\pstat.dat
c:\program files\FlashGet Network\FlashGet 3\pup.dat
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Lionel\AppData\Roaming\BITS
c:\users\Lionel\AppData\Roaming\BITS\BITS.ini
c:\users\Lionel\AppData\Roaming\BITS\DHTTable.dat
c:\users\Lionel\AppData\Roaming\BITS\ProxyList.ini
c:\users\Lionel\AppData\Roaming\BITS\UPnP.ini
c:\users\Lionel\AppData\Roaming\FlashGetBHO
c:\users\Lionel\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
c:\users\Lionel\AppData\Roaming\FlashGetBHO\FlashGetHook.dll
c:\users\Lionel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Lionel\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\users\Lionel\AppData\Roaming\inst.exe
c:\windows\libem.INI
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat
c:\windows\system32\vbzlib1.dll
c:\windows\system32\winset.ini

----- BITS: Il y a peut-être des sites infectés -----

hxxp://sl.tf1.fr
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-26 au 2010-09-26 ))))))))))))))))))))))))))))))))))))
.

2010-09-25 13:47 . 2010-09-26 11:07 -------- d-----w- c:\program files\logiciels d'analyse anti-virus
2010-09-25 11:31 . 2010-09-26 11:17 -------- d-----w- c:\windows\BDOSCAN8
2010-09-25 08:46 . 2010-09-25 08:46 1283467 ----a-w- C:\UsbFix_Upload_Me_PC-DE-LIONEL.zip
2010-09-24 16:10 . 2010-09-25 08:46 -------- d-----w- C:\UsbFix
2010-09-22 15:48 . 2010-09-22 15:48 -------- d-----w- c:\users\Lionel\AppData\Roaming\Malwarebytes
2010-09-22 15:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-22 15:48 . 2010-09-22 15:48 -------- d-----w- c:\programdata\Malwarebytes
2010-09-22 15:48 . 2010-09-22 17:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-22 15:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-22 12:47 . 2010-09-26 11:08 -------- d-----w- c:\program files\trend micro
2010-09-22 12:47 . 2010-09-22 12:48 -------- d-----w- C:\rsit
2010-09-21 16:21 . 2010-09-21 16:21 -------- d-----w- c:\program files\QuickTime
2010-09-16 19:05 . 2010-09-16 19:05 349184 ----a-w- c:\windows\system32\ykhad.exe
2010-09-14 22:21 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 22:21 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-14 22:21 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-14 22:21 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-08-28 17:48 . 2010-08-28 17:48 -------- d-----w- c:\program files\Sony Media Go Install
2010-08-28 16:33 . 2010-08-28 16:30 185640 ----a-w- c:\programdata\DivX\Setup\finishPlugin.dll
2010-08-28 16:33 . 2010-08-28 16:33 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 57691 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 84063 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-08-28 16:30 . 2010-08-28 16:30 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-08-28 16:21 . 2008-05-02 06:26 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2010-08-27 16:52 . 2010-09-18 16:48 -------- d-----w- c:\users\Lionel\AppData\Local\CrashDumps
2010-08-27 16:26 . 2009-05-18 21:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-08-27 16:26 . 2008-04-17 20:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-08-27 16:26 . 2010-08-27 16:26 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-27 16:26 . 2010-08-27 16:26 -------- d-----w- c:\program files\Symantec
2010-08-27 16:26 . 2010-09-25 11:22 -------- d-----w- c:\windows\system32\drivers\N360
2010-08-27 16:26 . 2010-08-27 16:26 -------- d-----w- c:\program files\Norton 360
2010-08-27 16:15 . 2010-08-27 16:15 -------- d-----w- c:\programdata\PCSettings
2010-08-27 16:14 . 2010-08-27 16:15 -------- d-----w- c:\programdata\NortonInstaller
2010-08-27 16:14 . 2010-08-27 16:14 -------- d-----w- c:\program files\NortonInstaller

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-25 16:42 . 2009-05-28 22:29 696402 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-25 16:42 . 2009-05-28 22:29 132174 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-25 13:12 . 2010-08-05 19:09 -------- d-----w- c:\users\Lionel\AppData\Roaming\LimeWire
2010-09-25 13:10 . 2009-06-03 12:14 14312 ----a-w- c:\windows\system32\drivers\pciide.sys
2010-09-22 08:16 . 2009-06-07 15:41 1 ----a-w- c:\users\Lionel\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-21 16:21 . 2009-12-12 18:12 -------- d-----w- c:\programdata\Apple Computer
2010-09-19 11:34 . 2009-05-28 13:10 -------- d-----w- c:\program files\Google
2010-09-18 17:46 . 2009-05-28 13:21 -------- d-----w- c:\program files\Common Files\Skype
2010-09-18 17:45 . 2009-05-28 13:15 -------- d-----w- c:\programdata\Microsoft Help
2010-09-18 17:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-18 17:45 . 2010-08-19 17:07 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-18 17:45 . 2009-06-07 15:39 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-18 17:45 . 2009-05-28 13:21 -------- d-----w- c:\program files\Picasa2
2010-09-18 17:45 . 2009-05-28 13:07 -------- d-----w- c:\program files\Microsoft Works
2010-09-18 12:47 . 2009-05-28 14:05 115544 ----a-w- c:\users\Lionel\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-13 22:31 . 2010-01-23 14:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 11:14 . 2009-06-07 10:34 206 ----a-w- c:\users\Lionel\AppData\Roaming\wklnhst.dat
2010-08-28 17:49 . 2010-05-29 13:30 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-08-28 17:19 . 2009-05-28 13:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-28 17:17 . 2010-08-19 17:04 -------- d-----w- c:\program files\Samsung
2010-08-28 17:17 . 2010-08-19 17:04 -------- d-----w- c:\program files\Common Files\Samsung
2010-08-28 17:17 . 2010-08-19 17:06 -------- d-----w- c:\users\Lionel\AppData\Roaming\Samsung
2010-08-28 17:17 . 2010-08-19 17:05 -------- d-----w- c:\programdata\Samsung
2010-08-28 16:34 . 2010-06-23 16:46 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-08-28 16:33 . 2010-06-23 16:42 -------- d-----w- c:\programdata\DivX
2010-08-28 16:32 . 2009-11-20 15:31 -------- d-----w- c:\program files\DivX
2010-08-28 16:30 . 2010-06-23 16:45 850200 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-08-28 16:30 . 2010-06-23 16:45 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-08-28 16:22 . 2009-05-28 13:11 -------- d-----w- c:\program files\Common Files\Nero
2010-08-28 16:22 . 2009-05-28 13:11 -------- d-----w- c:\programdata\Nero
2010-08-28 16:17 . 2009-11-02 14:14 -------- d-----w- c:\program files\Reallusion
2010-08-28 16:15 . 2010-01-22 17:55 -------- d-----w- c:\program files\DVDFab 6
2010-08-28 16:15 . 2010-01-22 17:55 47360 ----a-w- c:\users\Lionel\AppData\Roaming\pcouffin.sys
2010-08-28 16:15 . 2010-01-22 17:55 47360 ----a-w- c:\users\Lionel\AppData\Roaming\pcouffin.sys
2010-08-28 16:15 . 2010-01-22 17:55 -------- d-----w- c:\users\Lionel\AppData\Roaming\Vso
2010-08-27 17:03 . 2009-05-28 13:12 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-27 16:29 . 2009-12-16 17:37 -------- d-----w- c:\programdata\Norton
2010-08-27 16:26 . 2010-08-27 16:26 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-27 16:26 . 2010-08-27 16:26 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-27 16:23 . 2009-05-28 13:12 -------- d-----w- c:\programdata\Symantec
2010-08-19 17:23 . 2010-08-19 17:23 -------- d-----w- c:\programdata\PC Suite
2010-08-19 17:23 . 2010-08-19 17:23 -------- d-----w- c:\users\Lionel\AppData\Roaming\PC Suite
2010-08-19 17:21 . 2010-08-19 17:21 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-19 17:10 . 2010-08-19 17:10 -------- d-----w- c:\program files\DIFX
2010-08-19 17:05 . 2010-08-19 17:05 -------- d-----w- c:\program files\MarkAny
2010-08-17 12:43 . 2010-08-17 12:43 -------- d-----w- c:\program files\Common Files\Java
2010-08-17 12:42 . 2009-06-07 15:38 -------- d-----w- c:\program files\Java
2010-08-16 09:47 . 2009-10-05 05:08 -------- d-----w- c:\users\Lionel\AppData\Roaming\HpUpdate
2010-07-17 03:00 . 2010-05-26 10:16 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-14 14:56 . 2009-12-13 19:12 10134 ----a-r- c:\users\Lionel\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-06-26 11:06 . 2010-06-26 11:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-05-28 22:45 . 2009-05-28 22:32 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]
2010-08-27 16:51 2734688 ----a-w- c:\program files\Softonic_France_FF\tbSof1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
2009-07-02 08:18 2215960 ----a-w- c:\program files\Eazel-FR\tbEaze.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6D6B212B-2245-4898-8B16-9A11B81FF9E1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\" [X]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-01 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-24 6111232]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-26 30192]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]
"VX3000"="c:\windows\vVX3000.exe" [2009-04-10 721936]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-04-10 145760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-16 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]

c:\users\Lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-7-29 503808]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-27 809488]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040]
WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WiFiLB.exe [2009-6-1 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-10-10 13:46 69632 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-12-16 3453712]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2010-02-04 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-08-31 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100924.001\IDSvix86.sys [2010-06-17 344112]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-08-17 98304]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-25 102448]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]


--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - KLMDB
*Deregistered* - klmdb

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'

2010-09-26 c:\windows\Tasks\Extension de garantie-Lionel.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2009-05-28 10:13]

2010-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 16:41]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 16:41]

2010-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000Core.job
- c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 19:29]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000UA.job
- c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 19:29]

2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{8C18A21F-AB66-4B65-B65B-D360A5A19B5E}.job
- c:\windows\system32\msfeedssync.exe [2010-08-16 04:24]

2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{9248197A-5A97-4696-99F3-E6DC0CBD55F9}.job
- c:\windows\system32\msfeedssync.exe [2010-08-16 04:24]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/portail
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: kuaiche.com\software
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - hxxp://webtv.guidetv.orange.fr/resources/OCS_8971.cab
FF - ProfilePath - c:\users\Lionel\AppData\Roaming\Mozilla\Firefox\Profiles\00hmrf3c.default\
FF - prefs.js: browser.startup.homepage - hxxp://orange.fr/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Lionel\AppData\Roaming\Mozilla\Firefox\Profiles\00hmrf3c.default\extensions\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}\components\FFExternalAlert.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Sony\Media Go\npmediago.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Lionel\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
SafeBoot-klmdb.sys
AddRemove-ffdshow_is1 - c:\program files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\unins000.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-26 14:35
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\Lionel\AppData\Local\Temp\catchme.dll 53248 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3304485622-3776006356-228958792-1000\ë* d*]
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3304485622-3776006356-228958792-1000\Û*¬ *]
@Allowed: (Read) (RestrictedCode)
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-09-26 14:38:32
ComboFix-quarantined-files.txt 2010-09-26 12:38

Avant-CF: 374 246 150 144 octets libres
Après-CF: 374 929 825 792 octets libres

- - End Of File - - 9B3517470AE68FB5AC5EDCD642D67CDB
26 Septembre 2010 17:12:55

Bonjour,

*Ouvre le Bloc-notes afin d' y copier/coller les lignes ci-dessous (attention à ce que Retour à la ligne ne soit pas coché dans Format) :

KillAll::

File::
c:\users\Lionel\AppData\Roaming\pcouffin.sys

Rootkit::
pcouffin


-Enregistre-les sous CFScript.txt sur ton Bureau
-Comme sur l' image suivante, fais glisser CFScript.txt dans Combofix.exe : http://i538.photobucket.com/albums/ff348/Images-Secu/CF...
-Une fenêtre bleue apparaît, au message Type 1 to continue, or 2 to abort tape 1 puis valide
-Combofix va se lancer et faire redémarrer l' ordinateur
-Poste le rapport Combofix.txt qui est sauvegardé dans C:\Combofix

A+
Edit : A ce soir
26 Septembre 2010 19:02:30

Bonsoir,

Voici le rapport :


ComboFix 10-09-25.07 - Lionel 26/09/2010 18:26:27.2.4 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.1474 [GMT 2:00]
Lancé depuis: c:\users\Lionel\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lionel\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\users\Lionel\AppData\Roaming\pcouffin.sys"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Lionel\AppData\Roaming\pcouffin.sys

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-26 au 2010-09-26 ))))))))))))))))))))))))))))))))))))
.

2010-09-26 16:35 . 2010-09-26 16:38 -------- d-----w- c:\users\Lionel\AppData\Local\temp
2010-09-26 16:35 . 2010-09-26 16:35 -------- d-----w- c:\users\Romain\AppData\Local\temp
2010-09-26 16:35 . 2010-09-26 16:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-25 13:47 . 2010-09-26 11:07 -------- d-----w- c:\program files\logiciels d'analyse anti-virus
2010-09-25 11:31 . 2010-09-26 11:17 -------- d-----w- c:\windows\BDOSCAN8
2010-09-25 08:46 . 2010-09-25 08:46 1283467 ----a-w- C:\UsbFix_Upload_Me_PC-DE-LIONEL.zip
2010-09-24 16:10 . 2010-09-25 08:46 -------- d-----w- C:\UsbFix
2010-09-22 15:48 . 2010-09-22 15:48 -------- d-----w- c:\users\Lionel\AppData\Roaming\Malwarebytes
2010-09-22 15:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-22 15:48 . 2010-09-22 15:48 -------- d-----w- c:\programdata\Malwarebytes
2010-09-22 15:48 . 2010-09-22 17:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-22 15:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-22 12:47 . 2010-09-26 11:08 -------- d-----w- c:\program files\trend micro
2010-09-22 12:47 . 2010-09-22 12:48 -------- d-----w- C:\rsit
2010-09-21 16:21 . 2010-09-21 16:21 -------- d-----w- c:\program files\QuickTime
2010-09-16 19:05 . 2010-09-16 19:05 349184 ----a-w- c:\windows\system32\ykhad.exe
2010-09-14 22:21 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 22:21 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-14 22:21 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-14 22:21 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-08-28 17:48 . 2010-08-28 17:48 -------- d-----w- c:\program files\Sony Media Go Install
2010-08-28 16:21 . 2008-05-02 06:26 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2010-08-27 16:52 . 2010-09-26 13:30 -------- d-----w- c:\users\Lionel\AppData\Local\CrashDumps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-26 16:40 . 2010-08-05 19:09 -------- d-----w- c:\users\Lionel\AppData\Roaming\LimeWire
2010-09-26 15:48 . 2009-06-07 15:41 1 ----a-w- c:\users\Lionel\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-26 14:24 . 2009-05-28 22:29 696402 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-26 14:24 . 2009-05-28 22:29 132174 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-26 13:03 . 2009-05-28 13:21 -------- d-----w- c:\program files\Picasa2
2010-09-25 13:10 . 2009-06-03 12:14 14312 ----a-w- c:\windows\system32\drivers\pciide.sys
2010-09-21 16:21 . 2009-12-12 18:12 -------- d-----w- c:\programdata\Apple Computer
2010-09-19 11:34 . 2009-05-28 13:10 -------- d-----w- c:\program files\Google
2010-09-18 17:46 . 2009-05-28 13:21 -------- d-----w- c:\program files\Common Files\Skype
2010-09-18 17:45 . 2009-05-28 13:15 -------- d-----w- c:\programdata\Microsoft Help
2010-09-18 17:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-18 17:45 . 2010-08-19 17:07 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-18 17:45 . 2009-06-07 15:39 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-18 17:45 . 2009-05-28 13:07 -------- d-----w- c:\program files\Microsoft Works
2010-09-18 12:47 . 2009-05-28 14:05 115544 ----a-w- c:\users\Lionel\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-13 22:31 . 2010-01-23 14:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 11:14 . 2009-06-07 10:34 206 ----a-w- c:\users\Lionel\AppData\Roaming\wklnhst.dat
2010-08-28 17:49 . 2010-05-29 13:30 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-08-28 17:19 . 2009-05-28 13:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-28 17:17 . 2010-08-19 17:04 -------- d-----w- c:\program files\Samsung
2010-08-28 17:17 . 2010-08-19 17:04 -------- d-----w- c:\program files\Common Files\Samsung
2010-08-28 17:17 . 2010-08-19 17:06 -------- d-----w- c:\users\Lionel\AppData\Roaming\Samsung
2010-08-28 17:17 . 2010-08-19 17:05 -------- d-----w- c:\programdata\Samsung
2010-08-28 16:34 . 2010-06-23 16:46 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-08-28 16:33 . 2010-08-28 16:33 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-08-28 16:33 . 2010-06-23 16:42 -------- d-----w- c:\programdata\DivX
2010-08-28 16:32 . 2009-11-20 15:31 -------- d-----w- c:\program files\DivX
2010-08-28 16:32 . 2010-08-28 16:32 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 57691 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 84063 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-08-28 16:32 . 2010-08-28 16:32 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-08-28 16:30 . 2010-08-28 16:33 185640 ----a-w- c:\programdata\DivX\Setup\finishPlugin.dll
2010-08-28 16:30 . 2010-08-28 16:30 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-08-28 16:30 . 2010-06-23 16:45 850200 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-08-28 16:30 . 2010-06-23 16:45 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-08-28 16:22 . 2009-05-28 13:11 -------- d-----w- c:\program files\Common Files\Nero
2010-08-28 16:22 . 2009-05-28 13:11 -------- d-----w- c:\programdata\Nero
2010-08-28 16:17 . 2009-11-02 14:14 -------- d-----w- c:\program files\Reallusion
2010-08-28 16:15 . 2010-01-22 17:55 -------- d-----w- c:\program files\DVDFab 6
2010-08-28 16:15 . 2010-01-22 17:55 -------- d-----w- c:\users\Lionel\AppData\Roaming\Vso
2010-08-27 17:03 . 2009-05-28 13:12 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-27 16:29 . 2009-12-16 17:37 -------- d-----w- c:\programdata\Norton
2010-08-27 16:26 . 2010-08-27 16:26 -------- d-----w- c:\program files\Symantec
2010-08-27 16:26 . 2010-08-27 16:26 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-27 16:26 . 2010-08-27 16:26 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-27 16:26 . 2010-08-27 16:26 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-27 16:26 . 2010-08-27 16:26 -------- d-----w- c:\program files\Norton 360
2010-08-27 16:23 . 2009-05-28 13:12 -------- d-----w- c:\programdata\Symantec
2010-08-27 16:15 . 2010-08-27 16:15 -------- d-----w- c:\programdata\PCSettings
2010-08-27 16:15 . 2010-08-27 16:14 -------- d-----w- c:\programdata\NortonInstaller
2010-08-27 16:14 . 2010-08-27 16:14 -------- d-----w- c:\program files\NortonInstaller
2010-08-19 17:23 . 2010-08-19 17:23 -------- d-----w- c:\programdata\PC Suite
2010-08-19 17:23 . 2010-08-19 17:23 -------- d-----w- c:\users\Lionel\AppData\Roaming\PC Suite
2010-08-19 17:21 . 2010-08-19 17:21 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-19 17:10 . 2010-08-19 17:10 -------- d-----w- c:\program files\DIFX
2010-08-19 17:05 . 2010-08-19 17:05 -------- d-----w- c:\program files\MarkAny
2010-08-17 12:43 . 2010-08-17 12:43 -------- d-----w- c:\program files\Common Files\Java
2010-08-17 12:42 . 2009-06-07 15:38 -------- d-----w- c:\program files\Java
2010-08-16 09:47 . 2009-10-05 05:08 -------- d-----w- c:\users\Lionel\AppData\Roaming\HpUpdate
2010-07-17 03:00 . 2010-05-26 10:16 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-14 14:56 . 2009-12-13 19:12 10134 ----a-r- c:\users\Lionel\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-06-26 11:06 . 2010-06-26 11:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-05-28 22:45 . 2009-05-28 22:32 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]
2010-08-27 16:51 2734688 ----a-w- c:\program files\Softonic_France_FF\tbSof1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
2009-07-02 08:18 2215960 ----a-w- c:\program files\Eazel-FR\tbEaze.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]
"{6D6B212B-2245-4898-8B16-9A11B81FF9E1}"= "c:\program files\Softonic_France_FF\tbSof1.dll" [2010-08-27 2734688]

[HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\" [X]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-01 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-24 6111232]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-26 30192]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]
"VX3000"="c:\windows\vVX3000.exe" [2009-04-10 721936]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-04-10 145760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-16 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]

c:\users\Lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-7-29 503808]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-27 809488]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040]
WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WiFiLB.exe [2009-6-1 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-10-10 13:46 69632 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-12-16 3453712]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2010-02-04 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-08-31 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100924.001\IDSvix86.sys [2010-06-17 344112]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-08-17 98304]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-25 102448]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'

2010-09-26 c:\windows\Tasks\Extension de garantie-Lionel.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2009-05-28 10:13]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 16:41]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 16:41]

2010-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000Core.job
- c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 19:29]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3304485622-3776006356-228958792-1000UA.job
- c:\users\Lionel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 19:29]

2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{8C18A21F-AB66-4B65-B65B-D360A5A19B5E}.job
- c:\windows\system32\msfeedssync.exe [2010-08-16 04:24]

2010-09-26 c:\windows\Tasks\User_Feed_Synchronization-{9248197A-5A97-4696-99F3-E6DC0CBD55F9}.job
- c:\windows\system32\msfeedssync.exe [2010-08-16 04:24]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/portail
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: kuaiche.com\software
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - hxxp://webtv.guidetv.orange.fr/resources/OCS_8971.cab
FF - ProfilePath - c:\users\Lionel\AppData\Roaming\Mozilla\Firefox\Profiles\00hmrf3c.default\
FF - prefs.js: browser.startup.homepage - hxxp://orange.fr/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Lionel\AppData\Roaming\Mozilla\Firefox\Profiles\00hmrf3c.default\extensions\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}\components\FFExternalAlert.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3304485622-3776006356-228958792-1000\ë* d*]
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3304485622-3776006356-228958792-1000\Û*¬ *]
@Allowed: (Read) (RestrictedCode)
DUMPHIVE0.003 (REGF)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(5500)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\System32\NLSData000c.dll
c:\program files\Norton 360\Engine\4.3.0.5\ccVrTrst.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2010-09-26 18:46:18 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-26 16:45
ComboFix2.txt 2010-09-26 12:38

Avant-CF: 373 311 426 560 octets libres
Après-CF: 373 533 868 032 octets libres

- - End Of File - - E5AEFA98F4A7B09EBC1A6DFDE8892E73


J'ai eu un petit problème après redémarrage. Je ne pouvait plus accéder à Internet.
Un message me disait : "impossible d'accéder aux clés de registre destinées à la suppression"
J'ai fait un redémarrage, et tout est rentré dans l'ordre .

A+
26 Septembre 2010 21:06:14

Re,

1) Télécharge :
CCleaner : Ici
Lance-le puis clique sur Options>Avancé et décoche Effacer uniquement les fichiers Temp de Windows datant de plus de 24 heures. Ferme le programme.

2) Lance CCleaner :
Dans le menu Nettoyeur, clique sur Analyse (laisse-le travailler) puis sur le bouton Lancer le nettoyage.
Fais cela plusieurs fois.

:) 
27 Septembre 2010 18:01:27

Salut,

J'ai fait le nettoyage. Il m'a supprimer 1 Go de fichier.
J'attend la suite
A+
27 Septembre 2010 18:49:07

:hello: ,

comment va ton Pc?

A+
27 Septembre 2010 20:32:49

Salut,

Mon PC va bien plus de problème signaler par Norton 360 et BitDefender.

Merci pour tout
A+
27 Septembre 2010 20:49:14

Re,

si tout est ok :

* Je te conseille de défragmenter ton Pc.
* Il est fortement recommandé d' avoir tous ses logiciels à jour.
* Tu peux supprimer ceux que nous avons utilisés (fais démarrer>Exécuter puis tape ComboFix /uninstall, RSIT, UsbFix, TDSSKiller...) traitant d' infections spécifiques.
* Garde Malwarebytes' Anti-Malware.

-----------------------------------------------------------------------------------------------------------------------------------

Pour la sécurité de ton PC, prends quelques minutes pour lire :
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

-----------------------------------------------------------------------------------------------------------------------------------

Dénonce stv ton infection en postant sur Malware-Complaints :

- Règles du forum : http://www.malwarecomplaints.info/viewtopic.php?t=5
- Enregistre-toi à l' aide du bouton Register
- Choisis I Agree to these terms and am over or exactly 13 years of age

Indique aussi le nom du forum qui t' a aidé, Idn.

-----------------------------------------------------------------------------------------------------------------------------------

Marque ton sujet en (Résolu).

Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS