> Tous les forums > Forum Sécurité
 explorateur windows a cessé de fonctionnerSujet résolu
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
Vinzzz25
  Posté le 29/03/2010 @ 18:23 
Aller en bas de la page 

Bonjour à tous ,

désolé pour ce message qui est peut être récurrent pour certains ...

mais quand je fais un clic droit sur un dossier , j'ai une fenêtre qui s'ouvre et qui m'indique que l'explorateur windows a cessé de fonctionner ...

je n'ai pas trouvé la solution

j'ai certainement récupéré un virus ... suite à un téléchargement d'une mise à jour Java , ou Norton ??

je suis sous Vista ed familiale premium

ci jointle rapport Hijack:

je suis entrain de faire une recherche d'infection avec Malwarebytes'

merci pour votre aide

Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2010-03-29 03:39:02
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 15 GB (20%) free of 76 GB
Total RAM: 1919 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:39:12, on 29/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\regx32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Utilisateur\Downloads\RSIT.exe
C:\Program Files\trend micro\Utilisateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [TrialReset] C:\Windows\regx32.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [MacDrive application] "C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe"
O4 - HKLM\..\Run: [Getting started with MacDrive] "C:\Program Files\Mediafour\MacDrive 7\MDGetStarted.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 11383 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{52D2FF01-2DD9-45C6-AF01-E261B243BE0E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll [2009-08-29 392560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL [2009-08-30 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-25 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-25 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll [2009-08-29 392560]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-25 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-09-03 630784]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-11-08 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-11-08 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-09-26 1057064]
"TrialReset"=C:\Windows\regx32.exe [2008-07-03 285327]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 80896]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"MacDrive application"=C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe [2008-09-23 201304]
"Getting started with MacDrive"=C:\Program Files\Mediafour\MacDrive 7\MDGetStarted.exe [2008-09-02 141312]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-19 39408]
"NoSpam"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2e67b137-6209-11de-9f43-001d60af006a}]
shell\AutoRun\command - G:\setup_vmc_lite.exe /checkApplicationPresence

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5244ab56-7821-11dd-8ffd-001d60af006a}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5244ab59-7821-11dd-8ffd-001d60af006a}]
shell\AutoRun\command - H:\LaunchU3.exe -a


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-03-29 03:39:02 ----D---- C:\rsit
2010-03-29 03:39:02 ----D---- C:\Program Files\trend micro
2010-03-29 03:25:23 ----D---- C:\ProgramData\Sun
2010-03-29 03:24:28 ----A---- C:\Windows\system32\javaws.exe
2010-03-29 03:24:28 ----A---- C:\Windows\system32\javaw.exe
2010-03-29 03:24:28 ----A---- C:\Windows\system32\java.exe
2010-03-29 02:57:38 ----D---- C:\Program Files\CCleaner
2010-03-29 01:32:29 ----D---- C:\Program Files\Mozilla Firefox
2010-03-29 01:07:02 ----D---- C:\Program Files\Symantec
2010-03-29 01:06:08 ----D---- C:\Program Files\Norton Internet Security
2010-03-29 01:06:07 ----D---- C:\ProgramData\Norton
2010-03-29 01:05:19 ----D---- C:\ProgramData\NortonInstaller
2010-03-29 01:05:19 ----D---- C:\Program Files\NortonInstaller
2010-03-29 00:36:53 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-26 00:57:31 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-26 00:57:27 ----A---- C:\Windows\system32\httpapi.dll
2010-03-11 10:30:17 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-03-11 10:30:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-03-11 10:26:43 ----D---- C:\Program Files\TomTom International B.V
2010-03-02 11:24:55 ----A---- C:\Windows\system32\jscript.dll
2010-03-02 11:24:22 ----A---- C:\Windows\system32\tzres.dll
2010-03-02 11:23:35 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-02 11:23:35 ----A---- C:\Windows\system32\secproc.dll
2010-03-02 11:23:32 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-02 11:23:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-02 11:23:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-02 11:23:30 ----A---- C:\Windows\system32\msdrm.dll
2010-03-02 11:22:51 ----A---- C:\Windows\system32\gameux.dll
2010-03-02 11:22:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-03-02 11:22:50 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-03-02 11:22:36 ----A---- C:\Windows\system32\quartz.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\tsbyuv.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msyuv.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msvidc32.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msrle32.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\iyuv_32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\msvfw32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\mciavi32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\avifil32.dll

======List of files/folders modified in the last 1 months======

2010-03-29 03:39:02 ----RD---- C:\Program Files
2010-03-29 03:38:51 ----D---- C:\Windows\Temp
2010-03-29 03:34:16 ----SHD---- C:\System Volume Information
2010-03-29 03:25:23 ----HD---- C:\ProgramData
2010-03-29 03:25:18 ----SHD---- C:\Windows\Installer
2010-03-29 03:25:14 ----HD---- C:\Config.Msi
2010-03-29 03:25:13 ----D---- C:\Program Files\Common Files\Java
2010-03-29 03:24:28 ----D---- C:\Windows\System32
2010-03-29 03:24:00 ----A---- C:\Windows\system32\deploytk.dll
2010-03-29 03:14:16 ----D---- C:\Program Files\Java
2010-03-29 03:03:42 ----D---- C:\Users\Utilisateur\AppData\Roaming\Azureus
2010-03-29 03:02:57 ----D---- C:\Windows\Minidump
2010-03-29 03:02:57 ----D---- C:\Windows\Debug
2010-03-29 03:02:57 ----D---- C:\Windows
2010-03-29 02:56:06 ----D---- C:\Windows\system32\drivers
2010-03-29 02:55:38 ----D---- C:\Windows\Prefetch
2010-03-29 02:52:59 ----A---- C:\Windows\system32\acovcnt.exe
2010-03-29 02:49:02 ----D---- C:\Windows\inf
2010-03-29 02:49:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-29 02:39:33 ----D---- C:\Program Files\TubeMaster
2010-03-29 01:34:18 ----D---- C:\Users\Utilisateur\AppData\Roaming\Mozilla
2010-03-29 01:26:36 ----D---- C:\Windows\system32\Tasks
2010-03-29 01:22:51 ----D---- C:\Windows\system32\catroot2
2010-03-29 01:14:32 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-03-29 01:07:11 ----RSD---- C:\Windows\assembly
2010-03-29 01:05:57 ----D---- C:\Windows\winsxs
2010-03-29 00:37:29 ----D---- C:\Program Files\Internet Explorer
2010-03-29 00:37:10 ----D---- C:\Windows\system32\catroot
2010-03-26 01:06:29 ----D---- C:\Program Files\Windows Mail
2010-03-26 01:06:29 ----D---- C:\Program Files\Movie Maker
2010-03-11 10:26:26 ----D---- C:\Program Files\TomTom HOME 2
2010-03-03 18:00:32 ----D---- C:\Windows\rescache
2010-03-03 17:42:13 ----D---- C:\Windows\system32\fr-FR
2010-03-03 17:42:13 ----D---- C:\Windows\AppPatch
2010-03-03 17:42:12 ----RSD---- C:\Windows\Fonts
2010-03-02 07:30:12 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx86.sys [2009-08-30 506928]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NIS\1100000.088\ccHPx86.sys [2009-08-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-08-29 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVix86.sys [2009-08-30 342576]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-09-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-09-26 38440]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-05-24 128016]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1100000.088\SRTSPX.SYS [2009-08-30 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1100000.088\Ironx86.SYS [2009-08-30 114736]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\system32\drivers\NIS\1100000.088\SYMTDIV.SYS [2009-08-30 338480]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-29 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100328.020\NAVENG.SYS [2010-03-29 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100328.020\NAVEX15.SYS [2010-03-29 1324720]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\drivers\NIS\1100000.088\SRTSP.SYS [2009-08-30 325168]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-03-29 124976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-09-26 118952]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FTDIBUS;Suunto USB Serial Drivers; C:\Windows\system32\drivers\sntbus.sys [2004-04-20 24209]
S3 FTSER2K;Suunto USB Serial Port Driver; C:\Windows\system32\drivers\sntser2k.sys [2004-04-20 57404]
S3 GTUHSBUS;GT UHS BUS; C:\Windows\system32\DRIVERS\gtuhsbus.sys [2008-03-26 59136]
S3 GTUHSNDISIPXP;GT UHS IP NDIS; C:\Windows\system32\DRIVERS\gtuhs51.sys [2008-02-18 106624]
S3 GTUHSSER;GT UHS SER; C:\Windows\system32\DRIVERS\gtuhsser.sys [2007-03-30 8064]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 ser2pl;USB Filter Driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2003-07-31 112000]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-09-26 1554728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MacDriveService;MacDrive service; C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe [2008-11-26 150528]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2009-08-25 126392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
Publicité
Vinzzz25
 Posté le 29/03/2010 à 19:38 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

rapport Malwarebytes :

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3927
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

29/03/2010 19:12:53
mbam-log-2010-03-29 (19-12-53).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 271373
Temps écoulé: 2 hour(s), 28 minute(s), 6 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
C:\Windows\regx32.exe (Hacktool.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\trialreset (Hacktool.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Utilisateur\Local Settings\Application Data\omoeu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Utilisateur\Local Settings\Application Data\omoeu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Utilisateur\Local Settings\Application Data\omoeu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Windows\regx32.exe (Hacktool.Agent) -> Quarantined and deleted successfully.

Vinzzz25
 Posté le 29/03/2010 à 19:39 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

le prob persiste ....{#}

philae
 Posté le 29/03/2010 à 20:58 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonsoir,

normal puisque infection

désactiver l'autorun sur tous les lecteurs (USB, CD, DVD, SATA, Firewire, etc)

pour cela : Copier/coller dans le bloc notes, ce qui suit (en vert) sans ligne blanche au début mais une à la fin.


Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers]
"DisableAutoplay"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"


Fichier -> Enregistrez sous..
Clic sur bureau à gauche
Dans type de fichier->Tous les fichiers
Dans Nom-> regis.reg.
Allez sur le bureau
Cliquez droit sur le fichier ->fusionner
Acceptez la modification du Régistre

ensuite

* Télécharge et installe UsbFix (de C_XX & El Desaparecido) sur ton Bureau :

* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
* Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi exécuter en tant qu'administrateur .
* choisis l'option 2 ( Suppression )
* Ton bureau disparaitra et le pc redémarrera .
* Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.
* Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt ) ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

* reposte un rapport RSIT à l'issu

Vinzzz25
 Posté le 29/03/2010 à 22:01 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

merci bcp de ton aide , j'ai acheté un mac l'année dernière et je ne me sers quasiment plus de mon pc ... et c'est en voulant m'en servir que c'est arrivé ... en voulant récupérer des données ...et en faisant des mises à jour

j'ai fait ce que tu m'as dis , j'ai eu à un moment le message suivant : NTLDR manque ; " appuyer sur une touche pour continuer " mais rien ... j'ai du redemarrer le pc

je t'envoie le resultat ( je jongle du mac au pc ...)

Vinzzz25
 Posté le 29/03/2010 à 22:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

voilà le rapport UsbFix
############################## | UsbFix V6.100 |

User : Utilisateur (Administrateurs) # VINCE
Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:52:46 | 29/03/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18882
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ (!) Disabled | Updated ]
FW : Pare-feu BitDefender [ (!) Disabled ]12.0

C:\ -> Disque fixe local # 74,52 Go (15,93 Go free) [VistaOS] # NTFS
D:\ -> Disque fixe local # 67,69 Go (67,33 Go free) [DATA] # NTFS
E:\ -> Disque amovible
F:\ -> Disque CD-ROM

################## | Elements infectieux |

Supprimé ! C:\Windows\IFinst27.exe
Supprimé ! C:\$Recycle.Bin\S-1-5-20
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3600559108-1307042116-1080335766-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3600559108-1307042116-1080335766-1000

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{2e67b137-6209-11de-9f43-001d60af006a}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5244ab56-7821-11dd-8ffd-001d60af006a}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5244ab59-7821-11dd-8ffd-001d60af006a}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[19/03/2007 03:56|--a------|2076] C:\ASUS_A00200E3.icm
[18/09/2006 23:43|--a------|24] C:\autoexec.bat
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[18/04/2007 11:26|-ra-s----|8192] C:\BOOTSECT.BAK
[04/04/2007 06:01|--a------|19] C:\CA12.txt
[18/09/2006 23:43|--a------|10] C:\config.sys
[06/08/2008 10:52|--a------|0] C:\DBS.TXT
[08/11/2007 03:43|--a------|19768] C:\devlist.txt
[26/08/2008 17:23|-r-h-----|524288] C:\F5RL.BIN
[30/07/2007 18:55|-rah-----|524288] C:\F5RL.ROM
[13/09/2007 04:34|--a------|16] C:\F5RL_Vista.10
[08/11/2007 03:39|--a------|9] C:\Finish.log
[?|?|?] C:\hiberfil.sys
[09/12/2007 11:44|-rahs----|0] C:\IO.SYS
[09/12/2007 11:44|-rahs----|0] C:\MSDOS.SYS
[15/04/2007 01:26|--a------|27] C:\NERO.LOG
[16/03/2007 01:18|--a------|25] C:\OFFICE2007_A.TXT
[02/03/2008 12:39|--ah-----|5168] C:\os651826.bin
[?|?|?] C:\pagefile.sys
[07/11/2007 12:22|--a------|105] C:\Pass.txt
[19/07/2007 01:40|--a------|508] C:\Patch.LOG
[20/06/2007 19:53|--a------|10] C:\RECOVERY.DAT
[08/11/2007 03:02|--a------|372] C:\RHDSetup.log
[18/10/2008 06:37|--a------|594] C:\updatedatfix.log
[29/03/2010 21:57|--a------|2653] C:\UsbFix.txt
[14/09/2007 01:06|--a------|23] C:\V53.TXT

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_VINCE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.100 ! |

philae
 Posté le 29/03/2010 à 22:11 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonsoir,

ok

* reposte un rapport RSIT

Vinzzz25
 Posté le 29/03/2010 à 22:15 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

tout à l'air de fonctionner , je peux réutiliser mon clic droit pour ouvrir mes fichiers {#}

je ne sais pas comment te remercier , c'est vraiment super ! je ne suis pas un as en informatique ... et je te remercie encore une fois

philae
 Posté le 29/03/2010 à 22:18 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

de rien, c'est avec plaisir. Tu peux supprimer USBFix.

bonne soirée

Publicité
Vinzzz25
 Posté le 29/03/2010 à 22:21 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

Voilà le rapport RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2010-03-29 22:19:58
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 16 GB (21%) free of 76 GB
Total RAM: 1919 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:10, on 29/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Utilisateur\Downloads\RSIT.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\trend micro\Utilisateur.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [MacDrive application] "C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe"
O4 - HKLM\..\Run: [Getting started with MacDrive] "C:\Program Files\Mediafour\MacDrive 7\MDGetStarted.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 9892 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Fetch.job
C:\Windows\tasks\User_Feed_Synchronization-{52D2FF01-2DD9-45C6-AF01-E261B243BE0E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-25 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-25 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-25 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-10-26 1458176]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-11-08 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-11-08 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-09-26 1057064]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 80896]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"MacDrive application"=C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe [2008-09-23 201304]
"Getting started with MacDrive"=C:\Program Files\Mediafour\MacDrive 7\MDGetStarted.exe [2008-09-02 141312]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-02-21 1093208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-19 39408]
"NoSpam"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-03-29 21:57:50 ----RASHD---- C:\autorun.inf
2010-03-29 21:52:44 ----A---- C:\UsbFix.txt
2010-03-29 21:41:09 ----D---- C:\UsbFix
2010-03-29 20:53:50 ----D---- C:\Program Files\Microsoft Security Essentials
2010-03-29 18:41:35 ----D---- C:\ProgramData\ma-config.com
2010-03-29 18:41:35 ----D---- C:\Program Files\ma-config.com
2010-03-29 16:42:37 ----D---- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2010-03-29 16:42:28 ----D---- C:\ProgramData\Malwarebytes
2010-03-29 16:42:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-29 12:58:35 ----D---- C:\Program Files\Enigma Software Group
2010-03-29 04:00:14 ----D---- C:\Users\Utilisateur\AppData\Roaming\vlc
2010-03-29 03:39:02 ----D---- C:\rsit
2010-03-29 03:39:02 ----D---- C:\Program Files\trend micro
2010-03-29 03:25:23 ----D---- C:\ProgramData\Sun
2010-03-29 03:24:28 ----A---- C:\Windows\system32\javaws.exe
2010-03-29 03:24:28 ----A---- C:\Windows\system32\javaw.exe
2010-03-29 03:24:28 ----A---- C:\Windows\system32\java.exe
2010-03-29 02:57:38 ----D---- C:\Program Files\CCleaner
2010-03-29 01:32:29 ----D---- C:\Program Files\Mozilla Firefox
2010-03-29 01:06:07 ----D---- C:\ProgramData\Norton
2010-03-29 01:05:19 ----D---- C:\ProgramData\NortonInstaller
2010-03-29 00:36:53 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-26 00:57:31 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-26 00:57:27 ----A---- C:\Windows\system32\httpapi.dll
2010-03-11 10:30:17 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-03-11 10:30:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-03-11 10:26:43 ----D---- C:\Program Files\TomTom International B.V
2010-03-02 11:24:55 ----A---- C:\Windows\system32\jscript.dll
2010-03-02 11:24:22 ----A---- C:\Windows\system32\tzres.dll
2010-03-02 11:23:35 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-02 11:23:35 ----A---- C:\Windows\system32\secproc.dll
2010-03-02 11:23:32 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-02 11:23:31 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-02 11:23:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-02 11:23:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-02 11:23:30 ----A---- C:\Windows\system32\msdrm.dll
2010-03-02 11:22:51 ----A---- C:\Windows\system32\gameux.dll
2010-03-02 11:22:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-03-02 11:22:50 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-03-02 11:22:36 ----A---- C:\Windows\system32\quartz.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\tsbyuv.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msyuv.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msvidc32.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\msrle32.dll
2010-03-02 11:22:35 ----A---- C:\Windows\system32\iyuv_32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\msvfw32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\mciavi32.dll
2010-03-02 11:22:34 ----A---- C:\Windows\system32\avifil32.dll

======List of files/folders modified in the last 1 months======

2010-03-29 22:19:47 ----D---- C:\Windows\Temp
2010-03-29 21:57:02 ----SHD---- C:\$RECYCLE.BIN
2010-03-29 21:55:40 ----D---- C:\Windows
2010-03-29 21:52:16 ----D---- C:\Windows\system32\drivers
2010-03-29 21:50:09 ----A---- C:\Windows\system32\acovcnt.exe
2010-03-29 21:44:52 ----D---- C:\Windows\System32
2010-03-29 21:44:52 ----D---- C:\Windows\inf
2010-03-29 21:44:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-29 21:33:02 ----SHD---- C:\System Volume Information
2010-03-29 21:21:15 ----RD---- C:\Program Files
2010-03-29 21:20:35 ----SHD---- C:\Windows\Installer
2010-03-29 21:20:34 ----HD---- C:\Config.Msi
2010-03-29 20:53:59 ----D---- C:\Windows\system32\catroot
2010-03-29 20:53:57 ----SD---- C:\ProgramData\Microsoft
2010-03-29 20:51:46 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-03-29 20:51:45 ----D---- C:\Windows\system32\Tasks
2010-03-29 20:07:17 ----D---- C:\Windows\Prefetch
2010-03-29 19:59:58 ----D---- C:\Users\Utilisateur\AppData\Roaming\WinRAR
2010-03-29 19:59:36 ----D---- C:\Program Files\WinRAR
2010-03-29 19:15:53 ----D---- C:\Windows\tracing
2010-03-29 18:49:10 ----D---- C:\Windows\Tasks
2010-03-29 18:41:35 ----HD---- C:\ProgramData
2010-03-29 03:25:13 ----D---- C:\Program Files\Common Files\Java
2010-03-29 03:24:00 ----A---- C:\Windows\system32\deploytk.dll
2010-03-29 03:14:16 ----D---- C:\Program Files\Java
2010-03-29 03:03:42 ----D---- C:\Users\Utilisateur\AppData\Roaming\Azureus
2010-03-29 03:02:57 ----D---- C:\Windows\Minidump
2010-03-29 03:02:57 ----D---- C:\Windows\Debug
2010-03-29 02:39:33 ----D---- C:\Program Files\TubeMaster
2010-03-29 01:34:18 ----D---- C:\Users\Utilisateur\AppData\Roaming\Mozilla
2010-03-29 01:22:51 ----D---- C:\Windows\system32\catroot2
2010-03-29 01:07:11 ----RSD---- C:\Windows\assembly
2010-03-29 01:05:57 ----D---- C:\Windows\winsxs
2010-03-29 00:37:29 ----D---- C:\Program Files\Internet Explorer
2010-03-26 01:06:29 ----D---- C:\Program Files\Windows Mail
2010-03-26 01:06:29 ----D---- C:\Program Files\Movie Maker
2010-03-11 10:26:26 ----D---- C:\Program Files\TomTom HOME 2
2010-03-03 18:00:32 ----D---- C:\Windows\rescache
2010-03-03 17:42:13 ----D---- C:\Windows\system32\fr-FR
2010-03-03 17:42:13 ----D---- C:\Windows\AppPatch
2010-03-03 17:42:12 ----RSD---- C:\Windows\Fonts
2010-03-02 07:30:12 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-09-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-09-26 38440]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-05-24 128016]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-12-02 149040]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-10-26 1095936]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-09-26 118952]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 FTDIBUS;Suunto USB Serial Drivers; C:\Windows\system32\drivers\sntbus.sys [2004-04-20 24209]
S3 FTSER2K;Suunto USB Serial Port Driver; C:\Windows\system32\drivers\sntser2k.sys [2004-04-20 57404]
S3 GTUHSBUS;GT UHS BUS; C:\Windows\system32\DRIVERS\gtuhsbus.sys [2008-03-26 59136]
S3 GTUHSNDISIPXP;GT UHS IP NDIS; C:\Windows\system32\DRIVERS\gtuhs51.sys [2008-02-18 106624]
S3 GTUHSSER;GT UHS SER; C:\Windows\system32\DRIVERS\gtuhsser.sys [2007-03-30 8064]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 ser2pl;USB Filter Driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2003-07-31 112000]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-09-26 1554728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MacDriveService;MacDrive service; C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe [2008-11-26 150528]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

-----------------EOF-----------------

philae
 Posté le 29/03/2010 à 22:30 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

si tout refonctionne, pas de problème. par contre, beaucoup de programmes au démarrage, du devrais alléger un peu

philae
 Posté le 29/03/2010 à 22:41 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

je pense que ton infection par clé USB posait qq soucis au pc.

Vinzzz25
 Posté le 29/03/2010 à 22:48 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

ok , merci encore

dernière question :puis-je supprimer le fichier sur le bureau regis.reg ?

Vinzzz25
 Posté le 29/03/2010 à 22:51 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

concernant les programmes nombreux au démarrage , je sais pas trop comment faire ...pour alléger le tout ;mais ça ira comme ça , je ne veux pas abuser de ta patience et de ton temps

merci de ta disponibilité

philae
 Posté le 29/03/2010 à 22:56 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

pour le fichier reg, oui tu supprimes.

pour le démarrage, tu allèges suivant tes besoins je dirais, en passant par

démarrer

exécuter

tu tapes msconfig

et dans l'onglet démarrage, tu supprimes en décochant les programmes dont tu n'as pas besoin, il y en a pas mal à mon avis.

sachant qu'ils sont tous accessibles manuellement et que tu peux tjs remettre au démarrage si cela te chante.

Vinzzz25
 Posté le 29/03/2010 à 23:22 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page

super ; c 'est fait

merci Philae

philae
 Posté le 29/03/2010 à 23:25 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

de rien bonne soirée

Page : [1] 
Page 1 sur 1

Vous devez être connecté pour poster des messages. Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !


Sujets relatifs
Explorateur windows qui cesse de fonctionner
Explorateur cesse de fonctionner (Windows 7)
Explorateur windows a cessé de fonctionner.
Msg "Explorateur windows a cessé de fonctionner"
explorateur windows a cessé de fonctionner...
explorateur windows a cesse de fonctionner
explorateur windows a céssé de fonctionner
Windows explorer a cessé de fonctionner !!! Help !
Explorateur windows vista a céssé de fonctionné
Noouveaux documents apparaissant dans l'Explorateur Windows
Plus de sujets relatifs à explorateur windows a cessé de fonctionner
 > Tous les forums > Forum Sécurité