Screen + mouse frozen
Closed
coco - 25 Jan 2009 at 18:19
^^Marie^^ Posts: 113901, Registered: Tuesday 6 September 2005, Status: Member, Last activity: 28 August 2020 - 26 Jan 2009 at 16:25
6 replies
^^Marie^^
25 Jan 2009 at 18:42
Hello
Why did you use ComboFix?
• Download ToolsCleaner by A.Roshtein to your Desktop (from one of the 2 links).
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
• Click Recherche (Search) and let the scan finish.
• Click Suppression (Delete) to finalize.
• You can, if you wish, use the Options facultatives (optional settings).
• Click Quitter (Quit) so that the report can be created.
• Post me the report (TCleaner.txt), which is at the root of your hard drive (C:\).
+ 1 HijackThis log
ComboFix 09-01-21.04 - CORYNE 2009-01-25 18:23:58.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.309 [GMT 1:00]
Lancé depuis: c:\documents and settings\CORYNE\Bureau\killbagle.exe
AV: avast! antivirus 4.8.1296 [VPS 090125-0] *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\CORYNE\Application Data\inst.exe
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\_000007_.tmp.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-25 au 2009-01-25 ))))))))))))))))))))))))))))))))))))
.
2009-01-09 20:58 . 2009-01-24 00:27 <REP> d-------- c:\documents and settings\Les garçons\Tracing
2009-01-09 20:58 . 2009-01-24 00:27 <REP> d-------- c:\documents and settings\Les garçons\Tracing
2008-12-30 18:34 . 2008-12-30 18:34 <REP> d-------- c:\program files\MSN Reaper
2008-12-25 10:27 . 2008-12-25 10:41 <REP> d----c--- c:\documents and settings\CORYNE\Application Data\MP-Manager
2008-12-25 10:24 . 2008-12-25 10:24 <REP> d-------- c:\program files\MPMAN
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-25 17:30 --------- dc----w c:\documents and settings\CORYNE\Application Data\DNA
2009-01-25 17:30 --------- d-----w c:\program files\DNA
2009-01-25 17:13 --------- dc----w c:\documents and settings\CORYNE\Application Data\uTorrent
2009-01-25 11:37 --------- dc----w c:\documents and settings\All Users\Application Data\Google Updater
2009-01-25 09:58 --------- dc----w c:\documents and settings\CORYNE\Application Data\dvdcss
2009-01-23 09:26 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-23 09:26 --------- d-----w c:\program files\Netropa
2009-01-23 09:26 --------- d-----w c:\program files\Google
2009-01-06 09:51 --------- dc----w c:\documents and settings\CORYNE\Application Data\Image Zone Express
2008-12-31 10:12 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-31 08:58 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-27 13:50 --------- d-----w c:\program files\COCO PERSO
2008-12-19 16:07 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-19 16:07 --------- d-----w c:\program files\Microsoft
2008-12-19 16:06 --------- d-----w c:\program files\Windows Live
2008-12-19 16:06 --------- d-----w c:\program files\Microsoft Sync Framework
2008-12-19 16:00 --------- d-----w c:\program files\Windows Live SkyDrive
2008-12-19 15:49 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-12-18 12:31 --------- d-----w c:\program files\IncrediMail
2008-12-13 15:10 --------- d-----w c:\documents and settings\Les garçons\Application Data\vlc
2008-12-13 15:05 --------- d-----w c:\documents and settings\Les garçons\Application Data\dvdcss
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-08 16:01 55,136 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-07 12:31 --------- dc----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-12-04 13:00 --------- dc----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-12-04 12:15 --------- d-----w c:\program files\Java
2008-11-27 09:24 43,648 -c--a-w c:\documents and settings\CORYNE\Application Data\GDIPFONTCACHEV1.DAT
2008-11-27 07:57 --------- d-----w c:\program files\Astonsoft
2008-11-26 09:04 --------- dc----w c:\documents and settings\CORYNE\Application Data\Canneverbe_Limited
2008-11-09 17:58 12,959,232 -c--a-w C:\7582_Eval.exe
2008-04-19 08:22 47,360 -c--a-w c:\documents and settings\CORYNE\Application Data\pcouffin.sys
2008-03-15 16:35 0 -c--a-w c:\program files\temp01
2008-07-21 16:43 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008072120080722\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-27 68856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-05 4347120]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-16 342848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312]
"AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688]
"MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 425984]
"MULTIMEDIA KEYBOARD"="c:\program files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-01-17 147456]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Canal Widget"="c:\program files\Canal\Canal Widget\Launcher.exe" [2008-12-17 105528]
"LogProtect"="c:\program files\LogProtect\logprotect.exe" [2006-06-20 2348544]
"Motive SmartBridge"="c:\progra~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"Pense-bête"="c:\program files\AXEL\Pense-bête\pensebet.exe" [2002-06-10 972800]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
LE COMPAGNON CLUB.lnk - c:\program files\Club-Internet\LE COMPAGNON CLUB\bin\matcli.exe [2008-09-08 217088]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9383:TCP"= 9383:TCP:BitComet 9383 TCP
"9383:UDP"= 9383:UDP:BitComet 9383 UDP
R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [2005-02-05 85888]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-22 111184]
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2008-03-17 6656]
R3 P1120VID;Creative WebCam NX Ultra;c:\windows\system32\drivers\P1120Vid.sys [2004-01-12 1252474]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-07-22 20560]
R4 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440]
R4 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-19 55136]
R4 nhksrv;Netropa NHK Server;c:\program files\Netropa\Multimedia Keyboard\nhksrv.exe [2008-03-17 28672]
R4 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\drivers\w200bus.sys [2008-03-28 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\drivers\w200mdfl.sys [2008-03-28 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\drivers\w200mdm.sys [2008-03-28 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\w200mgmt.sys [2008-03-28 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\drivers\w200obex.sys [2008-03-28 86368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a655066-d265-11dd-a84d-0016ecc26f77}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-Cld2000.exe - c:\program files\Calendrier\Cld2000.exe
HKCU-RunOnce-TONLFR - c:\program files\club-internet\LE COMPAGNON CLUB\SmartBridge\DExec.exe
HKLM-Run-Agendatronic Alarm - c:\progra~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe
HKLM-Run-PlatriumWeather - c:\program files\Platrium\bin\1.2.103.0\Weather.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
mStart Page = hxxp://fr.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-25 18:31:44
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Acer\Acer eConsole\MediaServerService.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Netropa\Multimedia Keyboard\Traymon.exe
c:\program files\Netropa\Onscreen Display\osd.exe
c:\program files\LogProtect\lpwchdg.exe
c:\program files\Club-Internet\LE COMPAGNON CLUB\bin\mpbtn.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Heure de fin: 2009-01-25 18:34:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-25 17:34:14
Avant-CF: 39 817 891 840 octets libres
Après-CF: 41,501,720,576 octets libres
209 --- E O F --- 2009-01-23 23:29:34
[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\CORYNE\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\CORYNE\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Msnfix.zip: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1.lnk: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\hijackthis.log: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\MsnFix: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\MSNFix\MsnFix: trouvé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1\Navilog1.exe: trouvé !
C:\Documents and Settings\CORYNE\Mes documents\msnfix.txt: trouvé !
C:\Documents and Settings\CORYNE\Recent\MSNFix.lnk: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\CORYNE\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Msnfix.zip: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1.lnk: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1\Navilog1.exe: supprimé !
C:\Documents and Settings\CORYNE\Recent\MSNFix.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Combofix.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\Documents and Settings\CORYNE\Bureau\hijackthis.log: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\hijackthis.log: supprimé !
C:\Documents and Settings\CORYNE\Mes documents\msnfix.txt: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\MsnFix: supprimé !
C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !
I can't manage to paste the HijackThis report
^^Marie^^
25 Jan 2009 at 19:31
Re
Who had you run all these fixes?
Select all
Copy >> CTRL+C
Paste >> CTRL+V
^^Marie^^
26 Jan 2009 at 16:25
Re
Edit
Select all
Edit
Copy
Edit
Paste