Emails sent without any action on my part

13 September 2010 18:34:37

Hello,
my girlfriend's computer sends emails at any time. It even looks as if it does so when the PC is switched off, going by the send times. I think she gave her password to a bogus site (she is on MSN).
I ran 2 antivirus tools: avast and Malwarebytes' Anti-Malware --> nothing to report.
I'm leaning towards changing the password, but could you still analyse these logs please:

NB: I replaced the logs with RSIT



Quote:
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2010-09-13 18:32:27
Microsoft(R) Windows(R) 2000 Professionnel Service Pack 2, v.4478
System drive C: has 143 GB (94%) free of 153 GB
Total RAM: 1023 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:40, on 13/09/2010
Platform: Windows 2003 SP2, v.4478 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Documents and Settings\admin\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - ESC Trusted Zone: http://runonce.msn.com
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Ouverture de session réseau (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe
O23 - Service: Fournisseur d'un jeu de stratégie résultant (RSoPProv) - Unknown owner - C:\WINDOWS\system32\RSoPProv.exe
O23 - Service: Gestionnaire de comptes de sécurité (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Service de disque virtuel (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 7211 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3466300918-1222426081-2901991069-500Core.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-06 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Documents and Settings\admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-13 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2001-10-25 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"ForceClassicControlPanel"=1
"NoDesktopCleanupWizard"=1
"NoInstrumentation"=0
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoSMBalloonTip"=1
"NoSMConfigurePrograms"=1
"NoStartMenuMFUprogramsList"=0
"NoStrCmpLogical"=0
"NoWelcomeScreen"=1
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideRunAsVerb"=1
"NoActiveDesktop"=1
"NoDesktopCleanupWizard"=1
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=0
"NoNetConnectDisconnect"=1
"NoResolveTrack"=1
"NoSetActiveDesktop"=1
"NoStartMenuMFUprogramsList"=0
"HonorAutoRunSetting"=1
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Documents and Settings\admin\Local Settings\Temp\HP\OJ6500vE709_Basic_12\setup\hpznui01.exe"="C:\Documents and Settings\admin\Local Settings\Temp\HP\OJ6500vE709_Basic_12\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\admin\Local Settings\Temp\HP\OJ6500vE709_Basic_12\setup\hpznui01.exe"="C:\Documents and Settings\admin\Local Settings\Temp\HP\OJ6500vE709_Basic_12\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="StripMyRights.exe /D /L N

======File associations======

.reg - edit -
.reg - open -

======List of files/folders created in the last 3 months======

2010-09-13 18:32:27 ----D---- C:\rsit
2010-09-13 18:32:27 ----D---- C:\Program Files\trend micro
2010-09-13 18:03:05 ----A---- C:\WINDOWS\msnfix.txt
2010-09-09 22:41:57 ----D---- C:\Documents and Settings\admin\Application Data\Malwarebytes
2010-09-09 22:41:49 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-09 22:41:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-09 22:41:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-09-09 22:41:47 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-09 22:36:07 ----RD---- C:\32788R22FWJFW
2010-09-09 22:36:03 ----D---- C:\Documents and Settings\All Users\Application Data\Redirected
2010-09-01 19:35:35 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-01 19:35:35 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-17 00:16:21 ----A---- C:\WINDOWS\system32\framedyn.dll
2010-07-17 00:16:01 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-07-17 00:15:47 ----A---- C:\WINDOWS\system32\drivers\StarOpen.sys
2010-07-17 00:09:20 ----A---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-07-17 00:07:57 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-07-17 00:07:53 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-07-17 00:05:25 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-07-17 00:05:24 ----A---- C:\WINDOWS\system32\wshirda.dll
2010-07-17 00:05:24 ----A---- C:\WINDOWS\system32\irmon.dll
2010-07-17 00:05:24 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-07-17 00:05:23 ----A---- C:\WINDOWS\system32\irftp.exe
2010-07-17 00:04:45 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2010-07-17 00:04:44 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2010-07-16 23:51:18 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-07-16 23:51:18 ----A---- C:\WINDOWS\system32\FsUsbExDisk.Sys
2010-07-16 23:51:18 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-07-16 23:49:46 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-16 23:48:55 ----D---- C:\Documents and Settings\admin\Application Data\Samsung
2010-07-16 23:48:34 ----D---- C:\Program Files\Common Files
2010-07-16 23:48:21 ----D---- C:\Program Files\MarkAny
2010-07-16 23:48:21 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2010-07-16 23:46:59 ----D---- C:\WINDOWS\system32\XPSViewer
2010-07-16 23:46:55 ----D---- C:\Program Files\MSBuild
2010-07-16 23:46:53 ----D---- C:\WINDOWS\system32\en-US
2010-07-16 23:46:46 ----D---- C:\Program Files\Reference Assemblies
2010-07-16 23:46:25 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-07-16 23:46:25 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-07-16 23:46:25 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-07-16 23:46:24 ----D---- C:\9d1be0f30aac36ae029acf159be5
2010-07-16 23:46:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-16 23:46:09 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-07-16 23:46:08 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-07-16 23:46:01 ----D---- C:\Program Files\MSXML 6.0
2010-07-16 23:25:37 ----D---- C:\Program Files\Samsung
2010-07-16 23:25:18 ----D---- C:\Program Files\Fichiers communs\Samsung

======List of files/folders modified in the last 3 months======

2010-09-13 18:32:27 ----D---- C:\Program Files
2010-09-13 18:14:55 ----SHD---- C:\WINDOWS\Installer
2010-09-13 18:14:53 ----HD---- C:\Config.Msi
2010-09-13 18:14:52 ----D---- C:\WINDOWS\system32\drivers
2010-09-13 18:14:52 ----D---- C:\WINDOWS\system32
2010-09-13 18:13:41 ----SD---- C:\WINDOWS\Tasks
2010-09-13 18:03:05 ----D---- C:\WINDOWS
2010-09-13 17:53:05 ----D---- C:\WINDOWS\Temp
2010-09-09 20:25:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-07 17:11:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-02 23:02:15 ----D---- C:\Program Files\adslTV
2010-09-01 20:19:19 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-07 15:28:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-17 12:41:32 ----RSD---- C:\WINDOWS\assembly
2010-07-17 12:38:59 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-17 00:17:23 ----D---- C:\WINDOWS\inf
2010-07-17 00:15:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-17 00:04:48 ----D---- C:\WINDOWS\security
2010-07-16 23:52:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-16 23:46:51 ----RSD---- C:\WINDOWS\Fonts
2010-07-16 23:46:34 ----D---- C:\WINDOWS\system32\dllcache
2010-07-16 23:25:18 ----D---- C:\Program Files\Fichiers communs
2010-07-05 23:31:31 ----SD---- C:\Documents and Settings\admin\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 crcdisk;Pilote de filtre de disque CRC; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2001-10-25 34816]
R0 uagp35;Filtre AGP version 3.5 Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2007-02-16 46080]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AmdK7;Pilote processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2001-10-25 41984]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 FETNDIS;Pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2003-03-25 40448]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 11776]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 13312]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2001-10-25 20864]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2007-02-17 17408]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2003-03-27 9216]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-02-16 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2007-02-17 18432]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2007-02-17 16384]
S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2001-10-25 28160]
S3 vga;vga; C:\WINDOWS\system32\DRIVERS\vgapnp.sys [2007-02-17 24064]
S3 VIAudio;Contrôleur audio VIA AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2003-03-25 86912]
S3 WLBS;Équilibrage de la charge réseau; C:\WINDOWS\system32\DRIVERS\wlbs.sys [2001-10-25 174592]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2001-10-25 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2001-10-25 82944]
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 AmdIde;AmdIde; C:\WINDOWS\system32\drivers\AmdIde.sys []
S4 arc;arc; C:\WINDOWS\system32\drivers\arc.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 elxstor;elxstor; C:\WINDOWS\system32\drivers\elxstor.sys []
S4 hpcisss;hpcisss; C:\WINDOWS\system32\drivers\hpcisss.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;Service Application Experience Lookup; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-06 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2001-10-25 14848]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2001-10-25 14848]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-01-26 243056]
S3 RSoPProv;Fournisseur d'un jeu de stratégie résultant; C:\WINDOWS\system32\RSoPProv.exe [2001-10-25 67072]
S3 UMWdf;Infrastructure de pilote-mode utilisateur Windows; C:\WINDOWS\system32\wdfmgr.exe [2001-10-25 8704]
S3 vds;Service de disque virtuel; C:\WINDOWS\System32\vds.exe [2001-10-25 353792]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 Dfs;Système de fichiers distribués; C:\WINDOWS\system32\Dfssvc.exe [2001-10-25 164864]
S4 kdc;Centre de distribution de clés Kerberos; C:\WINDOWS\System32\lsass.exe [2001-10-25 16384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 sacsvr;Application d'assistance de la Console d'administration spéciale; C:\WINDOWS\System32\svchost.exe [2001-10-25 14848]
S4 TrkSvr;Serveur de suivi de lien distribué; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]
S4 WinHttpAutoProxySvc;Service de découverte automatique de Proxy Web pour les services HTTP Windows; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]
S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2001-10-25 14848]

-----------------EOF-----------------





Thanks in advance.

14 September 2010 10:03:02

Hi,

change the password (or the girlfriend...!)
15 September 2010 09:48:55

That's what I did (changed the password). No new emails sent for the moment, but I would like an opinion on this report in case there is something in it.