So...
That's it, I'm back on the desktop PC!
(which is slow, but it runs!!!)
So here is the MBAM report:
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 7.0.6002.18005
29/05/2010 01:01:25
mbam-log-2010-05-29 (01-01-25).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|I:\|J:\|K:\|)
Elément(s) analysé(s): 472208
Temps écoulé: 1 heure(s), 12 minute(s), 40 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 26
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xwincwtc (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ddbxvwsys (Trojan.Vundo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\Héloïse\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MMUQYX6V\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\6_ldry3no.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\xjgal.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\miragge.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\blwlkkkej\jpweiuitssd.exe (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\q1.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\4_pinnew.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\60325cahp25ca2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\avto.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\avto1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\avto2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\avto3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Roaming\sdra64.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\teste1_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\teste2_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\teste3_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\0.11248424636499021.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Héloïse\AppData\Local\Temp\tutqpo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\svchosty.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Héloïse\AppData\Local\Temp\win16.exe (Trojan.Agent) -> Quarantined and deleted successfully.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I'm launching RSIT.exe right away.
Whoa, it's super fast, it's not even really a program, in fact!
So there, it just opened this log for me:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Héloïse at 2010-05-29 01:13:15
Microsoft
Windows Vista
Édition Familiale Premium Service Pack 2
System drive C: has 37 GB (11%) free of 336 GB
Total RAM: 3070 MB (50% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Norton Internet Security - Analyse système complète - Héloïse.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"CCUTRAYICON"=FactoryMode []
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-09-25 54672]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
""= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"boinctray"=C:\Program Files\BOINC\boinctray.exe [2008-09-19 58112]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-09 180224]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
""= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OnlineStorage"=C:\Program Files\mes données\OrangeDrvHome.exe [2010-03-24 217088]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Halo2"=C:\Users\HLOSE~1\AppData\Local\Temp\sshnas21.dll,Beep16 []
"M5T8QL3YW3"=C:\Users\Héloïse\AppData\Local\Temp\Cwl.exe [2010-05-28 179200]
"hsfg9w8gujsokgahi8gysgnsdgefshyjy"=C:\Users\Héloïse\AppData\Local\Temp\mdm.exe [2010-05-28 60004]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BOINC Manager.lnk - C:\Program Files\BOINC\boincmgr.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Héloïse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Notification de cadeaux MSN.lnk - C:\Users\Héloïse\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
shell\AutoRun\command - K:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{455e9db9-3aff-11df-b7e8-001d60929345}]
shell\AutoRun\command - L:\i8ikdjwt.exe
shell\open\command - L:\i8ikdjwt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53a5cdbc-06fc-11df-b892-001d60929345}]
shell\AutoRun\command - yhh.bat
shell\open\command - yhh.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5dcba33d-5ffb-11df-a142-001d60929345}]
shell\AutoRun\command - M:\U3ROM/flyhigh.exe
shell\Explore\command - M:\U3ROM/flyhigh.exe
shell\opeN\command - M:\U3ROM/flyhigh.exe
======List of files/folders created in the last 3 months======
2010-05-29 00:56:58 ----D---- C:\Program Files\trend micro
2010-05-29 00:56:56 ----D---- C:\rsit
2010-05-28 23:37:54 ----D---- C:\Users\Héloïse\AppData\Roaming\Malwarebytes
2010-05-28 22:41:01 ----A---- C:\Windows\ntbtlog.txt
2010-05-28 22:05:07 ----D---- C:\ProgramData\Malwarebytes
2010-05-28 22:05:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-28 11:42:33 ----SHD---- C:\Users\Héloïse\AppData\Roaming\lowsec
2010-05-28 10:43:35 ----SHD---- C:\Users\Héloïse\AppData\Roaming\twain32
2010-05-27 14:00:35 ----A---- C:\Windows\IsUninst.exe
2010-05-27 13:27:48 ----D---- C:\Windows\system32\AGEIA
2010-05-27 13:27:46 ----D---- C:\Program Files\AGEIA Technologies
2010-05-27 13:26:54 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-27 13:25:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-05-27 13:25:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-05-27 13:25:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-05-27 13:25:56 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-05-27 13:25:56 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-05-27 13:25:56 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-05-27 13:25:55 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-05-27 13:25:55 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-05-27 13:25:55 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-05-27 13:25:55 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-05-27 13:25:54 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-05-27 13:25:54 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-05-27 13:25:54 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-05-27 13:25:53 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-05-27 13:25:53 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-05-27 13:25:53 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-05-27 13:25:52 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-05-27 13:25:52 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-05-27 13:25:52 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-05-27 13:25:51 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-05-27 13:25:51 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-05-27 13:25:51 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-05-27 13:25:50 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-05-27 13:25:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-05-27 13:25:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-05-27 13:25:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-05-27 13:25:48 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-05-27 13:25:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-05-27 13:25:47 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-05-27 13:25:47 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-05-27 13:25:46 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-05-27 13:25:46 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-05-27 13:25:45 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-05-27 13:25:45 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-05-27 13:25:44 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-05-27 13:25:44 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-05-27 13:25:43 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-05-27 13:25:43 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-05-27 13:25:42 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-05-27 13:25:42 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-05-27 13:25:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-05-27 13:25:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-05-27 13:25:41 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-05-27 13:25:40 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-05-27 13:25:40 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-05-27 13:25:39 ----A---- C:\Windows\system32\xinput1_3.dll
2010-05-27 13:25:39 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-05-27 13:25:38 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-05-27 13:25:37 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-05-27 13:25:37 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-05-27 13:25:37 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-05-27 13:25:36 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-05-27 13:25:34 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-05-27 13:25:34 ----A---- C:\Windows\system32\d3dx10.dll
2010-05-27 13:25:33 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-05-27 13:25:33 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-05-27 13:25:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-05-27 13:25:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-05-27 13:25:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-05-27 13:25:31 ----A---- C:\Windows\system32\xinput1_2.dll
2010-05-27 13:25:31 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-05-27 13:25:30 ----A---- C:\Windows\system32\xinput1_1.dll
2010-05-27 13:25:29 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-05-27 13:25:14 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-05-27 13:25:13 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-05-27 13:25:13 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-05-27 13:25:13 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-05-27 13:25:12 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-05-27 13:25:12 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-05-27 13:25:11 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-05-27 13:25:11 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-05-27 13:25:10 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-05-26 20:12:22 ----A---- C:\Windows\system32\tzres.dll
2010-05-24 14:42:12 ----D---- C:\Users\Héloïse\AppData\Roaming\OnlineStorage
2010-05-24 14:42:11 ----D---- C:\Program Files\mes données
2010-05-23 11:38:55 ----A---- C:\Windows\system32\hpzll64X.dll
2010-05-13 10:34:06 ----D---- C:\Users\Héloïse\AppData\Roaming\HPAppData
2010-05-12 11:30:07 ----A---- C:\Windows\system32\inetcomm.dll
2010-05-04 22:26:50 ----D---- C:\Users\Héloïse\AppData\Roaming\Template
2010-04-14 13:04:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 13:04:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 13:04:11 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 13:04:08 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 13:03:26 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 13:03:26 ----A---- C:\Windows\system32\cabview.dll
2010-03-31 19:02:52 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 19:02:51 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 19:02:51 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 19:02:49 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 19:02:48 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 19:02:48 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 19:02:47 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 19:02:47 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 19:02:46 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-26 16:07:19 ----D---- C:\Users\Héloïse\AppData\Roaming\StatSoft
2010-03-26 16:07:00 ----A---- C:\Windows\system32\novamnk6.dll
2010-03-26 16:07:00 ----A---- C:\Windows\system32\novamik6.dll
2010-03-26 16:06:56 ----D---- C:\Program Files\Common Files\StatSoft
2010-03-26 16:06:55 ----D---- C:\ProgramData\StatSoft
2010-03-26 16:05:59 ----D---- C:\Program Files\StatSoft
2010-03-26 15:38:20 ----D---- C:\stat
2010-03-24 04:00:29 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-15 22:38:43 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-15 22:38:40 ----A---- C:\Windows\system32\httpapi.dll
2010-03-09 21:08:47 ----D---- C:\Program Files\DivX
2010-03-09 21:08:47 ----D---- C:\Program Files\Common Files\DivX Shared
2010-03-01 17:36:57 ----D---- C:\Users\Héloïse\AppData\Roaming\vlc
2010-03-01 11:18:01 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-01 11:18:01 ----A---- C:\Windows\system32\secproc.dll
2010-03-01 11:18:00 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-01 11:17:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-01 11:17:59 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-01 11:17:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-01 11:17:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-01 11:17:59 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-01 11:17:59 ----A---- C:\Windows\system32\msdrm.dll
2010-03-01 11:17:52 ----A---- C:\Windows\system32\gameux.dll
2010-03-01 11:17:51 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-03-01 11:17:51 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-03-01 11:09:19 ----A---- C:\Windows\matlab.ini
======List of files/folders modified in the last 3 months======
2010-05-29 01:12:45 ----D---- C:\Windows\Temp
2010-05-29 01:12:44 ----D---- C:\ProgramData\BOINC
2010-05-29 01:11:05 ----D---- C:\Windows\System32
2010-05-29 01:11:05 ----D---- C:\Windows\inf
2010-05-29 01:11:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-29 01:07:29 ----D---- C:\Windows\system32\Tasks
2010-05-29 01:07:27 ----D---- C:\Windows\Tasks
2010-05-29 01:05:24 ----D---- C:\Windows
2010-05-29 01:04:52 ----D---- C:\Windows\SMINST
2010-05-29 01:04:51 ----D---- C:\Windows\Prefetch
2010-05-29 01:02:42 ----D---- C:\Windows\system32\drivers
2010-05-29 01:02:42 ----D---- C:\Windows\fr-FR
2010-05-29 01:01:24 ----D---- C:\Program Files
2010-05-28 22:05:07 ----HD---- C:\ProgramData
2010-05-28 01:16:27 ----SHD---- C:\System Volume Information
2010-05-27 19:59:56 ----D---- C:\Users\Héloïse\AppData\Roaming\dvdcss
2010-05-27 13:34:48 ----A---- C:\Windows\system32\wrap_oal.dll
2010-05-27 13:34:48 ----A---- C:\Windows\system32\OpenAL32.dll
2010-05-27 13:28:50 ----SHD---- C:\Windows\Installer
2010-05-27 13:28:49 ----HD---- C:\Config.Msi
2010-05-27 13:28:48 ----D---- C:\Windows\system32\catroot
2010-05-27 13:26:54 ----D---- C:\Program Files\Common Files
2010-05-27 13:25:29 ----RSD---- C:\Windows\assembly
2010-05-27 13:25:17 ----D---- C:\Windows\Microsoft.NET
2010-05-27 13:22:25 ----D---- C:\Windows\Logs
2010-05-27 13:02:26 ----D---- C:\Program Files\JDownloader
2010-05-27 03:01:10 ----D---- C:\Windows\winsxs
2010-05-27 03:01:10 ----D---- C:\Windows\system32\fr-FR
2010-05-22 13:16:58 ----D---- C:\Users\Héloïse\AppData\Roaming\Mozilla
2010-05-22 13:16:22 ----D---- C:\Program Files\Mozilla Firefox
2010-05-21 07:55:37 ----D---- C:\Windows\system32\catroot2
2010-05-13 10:13:25 ----D---- C:\Program Files\Windows Mail
2010-05-12 23:14:25 ----D---- C:\ProgramData\Microsoft Help
2010-05-12 21:11:54 ----SD---- C:\Users\Héloïse\AppData\Roaming\Microsoft
2010-05-12 11:21:16 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-06 18:40:09 ----D---- C:\ProgramData\Roxio
2010-05-06 12:51:23 ----A---- C:\Windows\system32\hpzids01.dll
2010-05-02 12:57:05 ----RSD---- C:\Windows\Fonts
2010-04-30 20:51:06 ----A---- C:\Windows\system32\mrt.exe
2010-04-07 23:42:42 ----D---- C:\Users\Héloïse\AppData\Roaming\OpenOffice.org2
2010-04-06 13:32:31 ----D---- C:\Program Files\HP
2010-03-26 16:06:21 ----D---- C:\Program Files\Common Files\microsoft shared
2010-03-16 15:54:14 ----D---- C:\Program Files\Movie Maker
2010-03-02 04:35:35 ----D---- C:\Windows\rescache
2010-03-02 04:17:36 ----D---- C:\Windows\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CbFs;CbFs; \??\C:\Windows\system32\drivers\cbfs32.sys [2010-03-23 137384]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-10 2769408]
R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
R3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 QCDonner;Logitech QuickCam Express(PID_0840); C:\Windows\system32\DRIVERS\LVCD.sys [2004-04-27 474304]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 MusCAudio;MusCAudio; C:\Windows\system32\drivers\MusCAudio.sys [2008-11-11 23096]
S3 MusCVideo;MusCVideo; C:\Windows\system32\DRIVERS\MusCVideo.sys [2008-11-11 3768]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\Windows\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-07-10 606208]
R2 BOINC;BOINC; C:\Program Files\BOINC\boinc.exe [2008-09-19 721664]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 matlabserver;MATLAB Server; C:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe [2005-07-27 536576]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-03-28 69120]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []
-----------------EOF-----------------