Hijack RSIT report. Slow computer

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
19 Novembre 2009 12:29:45

Hello,
For a week now my computer has been slow. The advice was to run an RSIT report, but afterwards I don't really know what to delete.
If someone can help me.
Thanks

Logfile of random's system information tool 1.06 (written by random/random)
Run by darty at 2009-11-19 12:22:46
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 24 GB (35%) free of 69 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:57, on 19/11/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\darty\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\darty.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 5446 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{6AD8BF81-6EB3-441D-AD5F-B915DBEB3EB4}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-17 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-09 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-17 149280]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooquickpdfv7]
C:\Windows\system32\oopmagentts.exe [2007-10-10 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}]
shell\AutoRun\command - F:\setup.exe -SMS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}]
shell\AutoRun\command - eyt.exe
shell\open\command - eyt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}]
shell\AutoRun\command - H:\fsaht.cmd
shell\open\command - H:\fsaht.cmd


======List of files/folders created in the last 1 months======

2009-11-19 11:36:20 ----D---- C:\rsit
2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
2009-11-12 12:42:54 ----D---- C:\Program Files\Winsudate
2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT

======List of files/folders modified in the last 1 months======

2009-11-19 12:22:55 ----D---- C:\Windows\Temp
2009-11-19 12:22:09 ----HD---- C:\ProgramData
2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
2009-11-19 12:19:45 ----D---- C:\Windows\system32\drivers
2009-11-19 12:18:56 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
2009-11-19 12:09:35 ----RD---- C:\Program Files
2009-11-19 12:09:35 ----D---- C:\Windows\System32
2009-11-19 12:07:55 ----D---- C:\Windows\Prefetch
2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
2009-11-19 11:33:07 ----SD---- C:\Windows\Downloaded Program Files
2009-11-19 11:27:14 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 01:57:15 ----D---- C:\Windows
2009-11-19 01:03:29 ----D---- C:\Program Files\Google
2009-11-19 01:01:36 ----SHD---- C:\System Volume Information
2009-11-19 01:00:29 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
2009-11-18 21:40:30 ----D---- C:\Users\darty\AppData\Roaming\Identities
2009-11-18 21:40:28 ----D---- C:\Users\darty\AppData\Roaming\Zylom
2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 15:14:57 ----D---- C:\Windows\inf
2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
2009-11-12 12:45:49 ----SHD---- C:\$Recycle.Bin
2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
2009-11-12 12:27:52 ----D---- C:\Windows\system32\catroot2
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]

-----------------EOF-----------------

19 Novembre 2009 16:22:16

Hello,

  • Download UsbFix (by Chiquitine29 & C_XX) to your Desktop.
  • Connect your external data sources to your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix to run it.
  • Choose option 1 (Recherche / Search).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility for terminating processes.
    19 Novembre 2009 18:31:20

    There you go

    thanks in advance for your help



    ############################## | UsbFix V6.055 |

    User : darty (Administrateurs) # AMANDINE
    Update on 18/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 18:18:58 | 19/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6000 32-bit) #
    Internet Explorer 7.0.6000.16916
    Windows Firewall Status : Enabled
    AV : avast! antivirus 4.8.1356 [VPS 091119-1] 4.8.1356 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 67,07 Go (28,62 Go free) [VistaOS] # NTFS
    D:\ -> Disque fixe local # 39,83 Go (12,12 Go free) [DATA] # NTFS
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 416
    C:\Windows\system32\csrss.exe 540
    C:\Windows\system32\wininit.exe 588
    C:\Windows\system32\csrss.exe 600
    C:\Windows\system32\services.exe 632
    C:\Windows\system32\lsass.exe 644
    C:\Windows\system32\lsm.exe 652
    C:\Windows\system32\winlogon.exe 728
    C:\Windows\system32\svchost.exe 832
    C:\Windows\system32\svchost.exe 904
    C:\Windows\System32\svchost.exe 960
    C:\Windows\system32\Ati2evxx.exe 1044
    C:\Windows\System32\svchost.exe 1060
    C:\Windows\System32\svchost.exe 1104
    C:\Windows\system32\svchost.exe 1132
    C:\Windows\system32\SLsvc.exe 1240
    C:\Windows\system32\svchost.exe 1280
    C:\Windows\system32\svchost.exe 1432
    C:\Windows\system32\Ati2evxx.exe 1504
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1604
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1624
    C:\Program Files\ATK Hotkey\Hcontrol.exe 1648
    C:\Program Files\ATKOSD2\ATKOSD2.exe 1656
    C:\Program Files\Wireless Console 2\wcourier.exe 1668
    C:\Program Files\ASUS\Splendid\ACMON.exe 1676
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1684
    C:\Program Files\P4G\BatteryLife.exe 1692
    C:\Windows\System32\ACEngSvr.exe 1748
    C:\Program Files\ATK Hotkey\ATKOSD.exe 1824
    C:\Windows\system32\Dwm.exe 408
    C:\Windows\Explorer.EXE 1372
    C:\Windows\System32\spoolsv.exe 1800
    C:\Windows\system32\svchost.exe 1008
    C:\Windows\system32\taskeng.exe 680
    C:\Program Files\Windows Defender\MSASCui.exe 2308
    C:\Windows\RtHDVCpl.exe 2408
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2620
    C:\Program Files\Java\jre6\bin\jusched.exe 2656
    C:\Program Files\ASUS\ATK Media\DMedia.exe 2664
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2752
    C:\Program Files\Windows Sidebar\sidebar.exe 2948
    C:\Windows\ehome\ehtray.exe 2956
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2996
    C:\Windows\ehome\ehmsas.exe 3004
    C:\Windows\system32\svchost.exe 3288
    C:\Windows\system32\drivers\CDAC11BA.EXE 3328
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 3404
    C:\Windows\system32\svchost.exe 3560
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe 3576
    C:\Windows\system32\svchost.exe 3588
    C:\Windows\System32\StkCSrv.exe 3608
    C:\Windows\System32\svchost.exe 3660
    C:\Windows\system32\SearchIndexer.exe 3684
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 4012
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 4048
    C:\Windows\system32\taskeng.exe 2560
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2568
    C:\Windows\system32\wbem\wmiprvse.exe 2864
    C:\Windows\system32\wbem\unsecapp.exe 2280
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 3176
    C:\Windows\system32\wuauclt.exe 5740
    C:\Program Files\Mozilla Firefox\firefox.exe 5148
    C:\Windows\system32\SearchProtocolHost.exe 4612
    C:\Windows\system32\conime.exe 4716
    C:\Windows\system32\wbem\wmiprvse.exe 3148

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés infectieuses |


    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\G
    shell\AutoRun\command =eyt.exe
    shell\open\Command =eyt.exe

    HKCU\..\..\Explorer\MountPoints2\H
    shell\Auto\command =AdobeR.exe e
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}
    shell\Auto\command =F:\AdobeR.exe e
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}
    shell\AutoRun\command =F:\setup.exe -SMS

    HKCU\..\..\Explorer\MountPoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}
    shell\AutoRun\command =eyt.exe
    shell\open\Command =eyt.exe

    HKCU\..\..\Explorer\MountPoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}
    shell\Auto\command =F:\AdobeR.exe e
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}
    shell\Auto\command =AdobeR.exe e
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}
    shell\AutoRun\command =H:\fsaht.cmd
    shell\open\Command =H:\fsaht.cmd

    ################## | Cracks / Keygens / Serials |

    "C:\Users\darty\Documents\Virtual DJ Pro v5.0 (Crack)\virtualdj_trial.exe"
    16/09/2007 21:24 |Size 13283830 |Crc32 73cea9cd |Md5 f5e4257248f26f66b25e49d4595ccdf5


    ################## | ! Fin du rapport # UsbFix V6.055 ! |

    19 Novembre 2009 18:39:08

  • Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix on your Desktop to launch it.
  • Choose option 2 (Suppression / Deletion).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).
    19 Novembre 2009 19:00:05


    ############################## | UsbFix V6.055 |

    User : darty (Administrateurs) # AMANDINE
    Update on 18/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 18:51:44 | 19/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6000 32-bit) #
    Internet Explorer 7.0.6000.16916
    Windows Firewall Status : Enabled
    AV : avast! antivirus 4.8.1356 [VPS 091119-1] 4.8.1356 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 67,07 Go (28,82 Go free) [VistaOS] # NTFS
    D:\ -> Disque fixe local # 39,83 Go (12,12 Go free) [DATA] # NTFS
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 416
    C:\Windows\system32\csrss.exe 544
    C:\Windows\system32\wininit.exe 592
    C:\Windows\system32\csrss.exe 604
    C:\Windows\system32\services.exe 636
    C:\Windows\system32\lsass.exe 648
    C:\Windows\system32\lsm.exe 656
    C:\Windows\system32\winlogon.exe 732
    C:\Windows\system32\svchost.exe 844
    C:\Windows\system32\svchost.exe 916
    C:\Windows\System32\svchost.exe 948
    C:\Windows\system32\Ati2evxx.exe 1040
    C:\Windows\System32\svchost.exe 1064
    C:\Windows\System32\svchost.exe 1088
    C:\Windows\system32\svchost.exe 1108
    C:\Windows\system32\SLsvc.exe 1244
    C:\Windows\system32\svchost.exe 1292
    C:\Windows\system32\svchost.exe 1440
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1560
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1572
    C:\Program Files\ATK Hotkey\Hcontrol.exe 1592
    C:\Program Files\ATKOSD2\ATKOSD2.exe 1600
    C:\Program Files\Wireless Console 2\wcourier.exe 1608
    C:\Program Files\ASUS\Splendid\ACMON.exe 1616
    C:\Program Files\P4G\BatteryLife.exe 1624
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1636
    C:\Windows\System32\ACEngSvr.exe 1712
    C:\Program Files\ATK Hotkey\ATKOSD.exe 1868
    C:\Windows\system32\Ati2evxx.exe 124
    C:\Windows\system32\Dwm.exe 588
    C:\Windows\Explorer.EXE 1412
    C:\Windows\System32\spoolsv.exe 1012
    C:\Windows\system32\runonce.exe 1864
    C:\Windows\system32\svchost.exe 1972
    C:\Windows\system32\taskeng.exe 348
    C:\Windows\system32\svchost.exe 2588
    C:\Windows\system32\drivers\CDAC11BA.EXE 2616
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 2716
    C:\Windows\system32\svchost.exe 2864
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe 2880
    C:\Windows\system32\svchost.exe 2900
    C:\Windows\System32\StkCSrv.exe 2912
    C:\Windows\System32\svchost.exe 2964
    C:\Windows\system32\SearchIndexer.exe 2984
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3268
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3288
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe 3436
    C:\Windows\system32\taskeng.exe 3452
    C:\Windows\system32\wbem\wmiprvse.exe 3680
    C:\Windows\system32\PresentationSettings.exe 3732
    C:\Windows\system32\wbem\wmiprvse.exe 3800
    C:\Program Files\Alwil Software\Avast4\setup\avast.setup 3888

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés infectieuses |


    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [29/05/2009 10:41|--a------|1788] C:\aaw7boot.log
    [16/02/2006 19:24|--a------|2076] C:\ASUS_22620015.icm
    [18/09/2006 22:43|--a------|24] C:\autoexec.bat
    [02/11/2006 10:53|-rahs----|438840] C:\bootmgr
    [10/01/2007 20:35|-ra-s----|8192] C:\BOOTSECT.BAK
    [07/12/2006 04:00|--a------|23] C:\CA.txt
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [07/10/2007 18:25|--a------|286720] C:\Debug.txt
    [03/04/2007 16:59|--a------|15854] C:\devlist.txt
    [18/09/2009 22:15|--a------|1967] C:\ErrLog.txt
    [20/12/2006 10:45|-rah-----|524288] C:\F3JP.BIN
    [09/01/2007 12:07|--a------|15] C:\F3JP_F3JR_Vista.10
    [03/01/2007 12:32|-rah-----|524288] C:\F3JR.BIN
    [03/04/2007 16:59|--a------|9] C:\Finish.log
    [?|?|?] C:\hiberfil.sys
    [08/01/2008 16:33|-rahs----|0] C:\IO.SYS
    [08/01/2008 16:33|-rahs----|0] C:\MSDOS.SYS
    [29/02/2004 16:44|--a------|52576] C:\orange.bmp
    [?|?|?] C:\pagefile.sys
    [03/04/2007 16:43|--a------|284] C:\RHDSetup.log
    [16/05/2006 01:22|--a------|5] C:\Store.LOG
    [19/11/2009 18:55|--a------|4935] C:\UsbFix.txt
    [26/10/2009 13:04|--a------|367296342] D:\Desperate.Housewives.S06E05.HDTV.XviD-NoTV.avi
    [03/11/2009 22:18|--a------|333254072] D:\Desperate.Housewives.S06E06.VOSTFR.Gillop.avi
    [10/11/2009 01:08|--a------|366269186] D:\Desperate.Housewives.S06E07.HDTV.XviD-P0W4.avi
    [12/11/2009 15:12|--a------|366993408] D:\Desperate.Housewives.S06E07.VOSTFR.HDTV.XviD-DRAGONS.avi
    [27/07/2008 23:08|--ahs----|285696] D:\ehthumbs_vista.db
    [25/10/2009 15:53|--a------|324178280] D:\FlashForward.S01E05.VOSTFR.Gillop.avi
    [31/10/2009 22:28|--a------|365597942] D:\FlashForward.S01E06.VOSTFR.HDTV.XviD-GKS.avi
    [24/10/2009 09:57|--a------|355208528] D:\Greys.Anatomy.S06E06.VOSTFR.FASTSUB.HDTV.XviD-DFX.avi
    [02/11/2009 11:43|--a------|364319794] D:\Greys.Anatomy.S06E07.VOSTFR.HDTV.XviD-GKS.avi
    [12/11/2009 15:13|--a------|364851042] D:\Greys.Anatomy.S06E08.REPACK.VOSTFR.HDTV.XviD-GKS [tracker-surfer.fr].avi
    [29/10/2009 16:50|--a------|725704704] D:\Loose Change - 11 septembre 2001 - Fr par Slayer91acph.avi
    [27/10/2009 23:08|--a------|732997324] D:\ukd-confessions-xvid.avi
    [19/09/2009 22:20|--a------|100263] D:\VirtualDJ Local Database v6.xml
    [29/10/2009 17:10|--a------|719558492] D:\ZERO - Enquete sur le 11 Septembre Vostfr.avi

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Suspect | http://www.virustotal.com |


    ################## | Cracks / Keygens / Serials |

    "C:\Users\darty\Documents\Virtual DJ Pro v5.0 (Crack)\virtualdj_trial.exe"
    16/09/2007 21:24 |Size 13283830 |Crc32 73cea9cd |Md5 f5e4257248f26f66b25e49d4595ccdf5


    ################## | ! Fin du rapport # UsbFix V6.055 ! |

    19 Novembre 2009 19:17:23

  • Relaunch UsbFix and choose option 5 to uninstall it.

  • Remove the traces of Norton with this.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for Updates) button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scanner) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show Results).
  • Select everything (or leave it checked) and click Supprimer la sélection (Remove Selected); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    19 Novembre 2009 19:32:21

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3196
    Windows 6.0.6000

    19/11/2009 19:31:34
    mbam-log-2009-11-19 (19-31-34).txt

    Type de recherche: Examen rapide
    Eléments examinés: 90434
    Temps écoulé: 5 minute(s), 46 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    19 Novembre 2009 19:33:52

    I knew this file was no good but I couldn't manage to delete it... I hope it will be fine now.
    In any case, thanks already for this help; I'd welcome other tips for cleaning up the computer.
    19 Novembre 2009 19:48:13

  • Relaunch MBAM, go to Quarantaine (Quarantine) and delete everything.

  • Post the info report located in C:\rsit.
    19 Novembre 2009 20:06:41

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by darty at 2009-11-19 20:05:36
    Microsoft® Windows Vista™ Édition Familiale Premium
    System drive C: has 29 GB (43%) free of 69 GB
    Total RAM: 1023 MB (23% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:05:46, on 19/11/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16916)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\darty\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\darty.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\darty\Desktop\utorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

    --
    End of file - 5309 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Ad-Aware Update (Weekly).job
    C:\Windows\tasks\User_Feed_Synchronization-{6AD8BF81-6EB3-441D-AD5F-B915DBEB3EB4}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-17 41760]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-09 1006264]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-17 149280]
    "ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "uTorrent"=C:\Users\darty\Desktop\utorrent.exe [2009-11-19 289072]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooquickpdfv7]
    C:\Windows\system32\oopmagentts.exe [2007-10-10 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
    C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    C:\Program Files\uTorrent\uTorrent.exe [2009-11-19 289072]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
    C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
    C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=145
    "NoDriveTypeAutoRun"=145
    "HonorAutoRunSetting"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2009-11-19 18:55:03 ----RASHD---- C:\autorun.inf
    2009-11-19 18:17:42 ----D---- C:\UsbFix
    2009-11-19 15:50:26 ----D---- C:\Users\darty\AppData\Roaming\Ashtons Family Resort
    2009-11-19 15:50:26 ----D---- C:\ProgramData\Ashtons Family Resort
    2009-11-19 14:01:53 ----D---- C:\Users\darty\AppData\Roaming\Malwarebytes
    2009-11-19 14:01:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-11-19 13:41:01 ----D---- C:\Program Files\Zylom Games
    2009-11-19 12:50:59 ----D---- C:\Program Files\uTorrent
    2009-11-19 11:36:20 ----D---- C:\rsit
    2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
    2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
    2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
    2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
    2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
    2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
    2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
    2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
    2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
    2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
    2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
    2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
    2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
    2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
    2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
    2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
    2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
    2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
    2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
    2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
    2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
    2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
    2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
    2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
    2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
    2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
    2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
    2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
    2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
    2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
    2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
    2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
    2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
    2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
    2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
    2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
    2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
    2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
    2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
    2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
    2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
    2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
    2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
    2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
    2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
    2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
    2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
    2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
    2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
    2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
    2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
    2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
    2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
    2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
    2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
    2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
    2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
    2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
    2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
    2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
    2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT

    ======List of files/folders modified in the last 1 months======

    2009-11-19 20:05:36 ----D---- C:\Windows\Temp
    2009-11-19 20:02:30 ----D---- C:\Program Files\Mozilla Firefox
    2009-11-19 19:54:07 ----D---- C:\Windows\system32\drivers
    2009-11-19 19:53:14 ----A---- C:\Windows\system32\acovcnt.exe
    2009-11-19 19:43:56 ----D---- C:\Windows
    2009-11-19 19:39:22 ----D---- C:\Windows\system32\catroot2
    2009-11-19 19:31:33 ----RD---- C:\Program Files
    2009-11-19 19:23:48 ----HD---- C:\ProgramData
    2009-11-19 19:23:48 ----D---- C:\Program Files\Common Files\Symantec Shared
    2009-11-19 18:55:00 ----SD---- C:\Windows\Downloaded Program Files
    2009-11-19 18:52:46 ----SHD---- C:\$Recycle.Bin
    2009-11-19 15:50:24 ----D---- C:\Windows\Prefetch
    2009-11-19 15:50:16 ----D---- C:\Users\darty\AppData\Roaming\Identities
    2009-11-19 15:50:14 ----D---- C:\Users\darty\AppData\Roaming\Zylom
    2009-11-19 15:49:25 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
    2009-11-19 14:17:43 ----D---- C:\Windows\System32
    2009-11-19 14:15:29 ----SD---- C:\ProgramData\Microsoft
    2009-11-19 12:45:47 ----SHD---- C:\System Volume Information
    2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
    2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
    2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
    2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
    2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
    2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
    2009-11-19 01:03:29 ----D---- C:\Program Files\Google
    2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
    2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-11-14 15:14:57 ----D---- C:\Windows\inf
    2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
    2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
    2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
    2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
    2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
    2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
    2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
    2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
    2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
    2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
    2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
    2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
    2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
    2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
    2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
    R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
    R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
    R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
    R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
    S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
    S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
    S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
    S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
    S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
    S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
    S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
    S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
    S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
    S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
    S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
    R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
    R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
    S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
    S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]

    -----------------EOF-----------------
    19 November 2009 20:42:21

    What you posted is the log report, not the info report.

  • Update Vista:
    http://update.microsoft.com/