Virus and/or Trojan horse problem
saimonesays
Hello,
So, my PC is infected with a virus and/or a Trojan horse, I don't know which, but in any case my AntiVir alerts me about every 2 minutes that there is a problem.
I ran a full scan with AntiVir plus a malware scan; nothing helped.
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:32:32, on 05.10.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\Simon\AppData\Local\Temp\b.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eLock\autolockprocess\AutoLockProcess.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\NetAppel\NetAppel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TechSmith\Jing\Jing.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Windows\System32\calc.exe
C:\Windows\System32\calc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
29 replies
My mistake :)
2/41 antivirus engines on VirusTotal; here are the 2 positive results:
Panda 10.0.2.2 2009.10.04 Suspicious file
PCTools 4.4.2.0 2009.10.05 -
Prevx 3.0 2009.10.05 -
Rising 21.49.22.00 2009.09.30 Trojan.DL.QQHelper.xs
As I already told you, the file b.exe does not appear in the folder.
Even when searching the C: drive, it isn't found.
Thanks
As a precaution, launch HijackThis > "Open the misc tool section" > "Delete a file on reboot"
-> in the window that opens, paste this path:
C:\Users\Simon\AppData\Local\Temp\b.exe
then click "Ouvrir" (Open)
Confirm the message; the computer will restart (otherwise restart it yourself)
then say where your problems stand
That's what I did
After restarting, I ran HijackThis again and I still have this :(
O4 - HKCU\..\Run: [PopRock] C:\Users\Simon\AppData\Local\Temp\b.exe
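Added example (not part of the thread, and not code from HijackThis): a small Python triage of a HijackThis log that flags what the posts above single out, a running process and an `O4` Run entry whose image sits in a Temp directory. The sample log is constructed from paths quoted in the thread; the function names, the Temp patterns and the `avgnt`/`Skype` O4 lines are assumptions, and only registry Run-style `O4` lines are parsed.

```python
import re
from ntpath import basename, normcase  # Windows path rules, importable on any OS

# Constructed sample in HijackThis v2.0.2 layout, reusing paths quoted in the thread.
# The avgnt and Skype O4 lines are assumptions added for contrast.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:32:32, on 05.10.2009
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Users\Simon\AppData\Local\Temp\b.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [PopRock] C:\Users\Simon\AppData\Local\Temp\b.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash
"""

# Directories where a startup executable is unusual enough to deserve a manual look.
TEMP_PATTERNS = [
    re.compile(r"\\appdata\\local\\temp\\", re.I),
    re.compile(r"\\local settings\\temp\\", re.I),
    re.compile(r"^[a-z]:\\windows\\temp\\", re.I),
    re.compile(r"^[a-z]:\\te?mp\\", re.I),
]
ENTRY_RE = re.compile(r"^[A-Z]\d+ - ")  # any HijackThis item line (R0, O2, O4, ...)
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\\(?:[^\\]+\\)?\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
IMAGE_RE = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|bat|cmd|scr|pif|vbs|js))(?=\s|$)', re.I
)


def image_path(cmd):
    """Return the executable path from a Run command line, dropping its arguments."""
    cmd = cmd.strip()
    m = IMAGE_RE.match(cmd)
    return (m.group(1) or m.group(2)) if m else cmd


def in_temp(path):
    return any(p.search(path) for p in TEMP_PATTERNS)


def parse_hijackthis(text):
    """Split a log into the running-process list and the O4 registry autoruns."""
    processes, autoruns, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        if in_procs:
            if line and not ENTRY_RE.match(line):
                processes.append(line)
                continue
            in_procs = False  # a blank line or the first item line ends the list
        m = O4_RE.match(line)
        if m:
            autoruns.append({
                "hive": m["hive"], "key": m["key"], "name": m["name"],
                "image": image_path(m["cmd"]),
            })
    return processes, autoruns


def triage(text):
    """Flag Temp-resident autoruns first, then Temp-resident processes without one."""
    processes, autoruns = parse_hijackthis(text)
    running = {normcase(p) for p in processes}
    findings = []
    for entry in autoruns:
        if in_temp(entry["image"]):
            findings.append({
                "kind": "autorun-from-temp",
                "location": entry["hive"] + "\\..\\" + entry["key"],
                "name": entry["name"],
                "image": entry["image"],
                "currently_running": normcase(entry["image"]) in running,
            })
    persisted = {normcase(f["image"]) for f in findings}
    for p in processes:
        if in_temp(p) and normcase(p) not in persisted:
            findings.append({
                "kind": "process-from-temp", "location": "Running processes",
                "name": basename(p), "image": p, "currently_running": True,
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

An `autorun-from-temp` finding means the Run value is a separate artifact from the file it points to, so deleting the file alone leaves the entry in place, which is what the follow-up scan in the thread shows.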
Download ComboFix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop
Double-click combofix.exe and follow the instructions.
Install the Recovery Console if offered and continue.
When the scan is complete, a report will appear. Copy/paste that report into your next reply.
NOTE: The report is also located here: C:\Combofix.txt
Hello eZula,
Here is the report:
ComboFix 09-10-06.03 - Simon 07.10.2009 9:08:55.1.4 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.41.1036.18.1791.531 [GMT 2:00]
Lancé depuis: C:\Users\Simon\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-07 au 2009-10-07 ))))))))))))))))))))))))))))))))))))
.
2009-10-07 07:16:11 . 2009-10-07 07:16:11 0 d-----w- C:\Users\rousset.GROUPE-PROCAB\AppData\Local\temp
2009-10-07 07:16:07 . 2009-10-07 07:16:07 0 d-----w- C:\Users\rousset\AppData\Local\temp
2009-10-07 07:16:07 . 2009-10-07 07:16:07 0 d-----w- C:\Users\Default\AppData\Local\temp
2009-10-07 07:16:07 . 2009-10-07 07:16:07 0 d-----w- C:\Users\berlovan\AppData\Local\temp
2009-10-05 12:57:35 . 2009-10-05 13:21:20 0 d-----w- C:\Users\Simon\AppData\Roaming\Notepad++
2009-10-05 12:57:35 . 2009-10-05 12:57:38 0 d-----w- C:\Program Files\Notepad++
2009-10-05 09:06:57 . 2008-06-19 15:24:30 28544 ----a-w- C:\Windows\system32\drivers\pavboot.sys
2009-10-05 09:06:36 . 2009-10-05 09:06:36 0 d-----w- C:\Program Files\Panda Security
2009-10-05 08:07:30 . 2009-10-05 08:11:10 0 d-----w- C:\Users\Simon\AppData\Local\VirtualStore
2009-10-05 07:51:29 . 2009-10-05 08:03:22 0 d-----w- C:\ToolBar SD
2009-10-05 07:49:32 . 2009-10-05 07:49:33 0 d-----w- C:\Program Files\CCleaner
2009-10-05 07:39:05 . 2009-10-05 08:38:04 0 d-----w- C:\GenProc
2009-10-05 07:32:02 . 2009-10-05 07:32:02 0 d-----w- C:\Program Files\Trend Micro
2009-10-05 07:14:42 . 2009-10-01 08:29:14 195440 ------w- C:\Windows\system32\MpSigStub.exe
2009-10-01 15:50:24 . 2008-02-17 15:16:00 90112 ----a-w- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\a2x2jijk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
2009-10-01 15:50:24 . 2007-12-28 09:15:38 172032 ----a-w- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\a2x2jijk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
2009-10-01 15:50:24 . 2007-10-07 23:57:52 307200 ----a-w- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\a2x2jijk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
2009-10-01 07:14:24 . 2009-08-07 02:24:08 44768 ----a-w- C:\Windows\system32\wups2.dll
2009-10-01 07:14:24 . 2009-08-07 02:24:04 53472 ----a-w- C:\Windows\system32\wuauclt.exe
2009-10-01 07:14:24 . 2009-08-07 02:23:45 1929952 ----a-w- C:\Windows\system32\wuaueng.dll
2009-10-01 07:14:24 . 2009-08-07 01:45:15 2421760 ----a-w- C:\Windows\system32\wucltux.dll
2009-10-01 07:13:57 . 2009-08-07 02:24:09 35552 ----a-w- C:\Windows\system32\wups.dll
2009-10-01 07:13:57 . 2009-08-07 02:23:52 575704 ----a-w- C:\Windows\system32\wuapi.dll
2009-10-01 07:13:57 . 2009-08-07 01:44:40 87552 ----a-w- C:\Windows\system32\wudriver.dll
2009-10-01 07:13:41 . 2009-08-06 17:23:06 171608 ----a-w- C:\Windows\system32\wuwebv.dll
2009-10-01 07:13:41 . 2009-08-06 16:44:46 33792 ----a-w- C:\Windows\system32\wuapp.exe
2009-09-09 07:56:43 . 2009-09-09 07:56:43 89822 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\Uninstall.exe
2009-09-09 07:56:30 . 2009-10-07 06:55:16 0 d-----w- C:\Users\Simon\AppData\Roaming\Dropbox
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-07 06:56:31 . 2009-06-19 14:17:51 0 d-----w- C:\Users\Simon\AppData\Roaming\Skype
2009-10-07 06:55:25 . 2009-06-19 14:19:47 0 d-----w- C:\Users\Simon\AppData\Roaming\skypePM
2009-10-07 06:54:45 . 2009-01-05 08:46:14 0 d-----w- C:\Program Files\LogMeIn
2009-10-06 09:30:49 . 2009-01-05 11:06:26 12 ----a-w- C:\Windows\bthservsdp.dat
2009-10-05 11:24:07 . 2009-07-20 08:45:57 0 d-----w- C:\Users\Simon\AppData\Roaming\Spotify
2009-09-30 07:06:00 . 2009-06-04 07:49:06 0 d-----w- C:\Program Files\Microsoft Silverlight
2009-09-29 07:12:31 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-09-29 07:10:49 . 2008-05-20 20:47:45 0 d-----w- C:\ProgramData\Microsoft Help
2009-09-03 14:45:56 . 2008-01-21 07:42:05 672084 ----a-w- C:\Windows\system32\perfh00C.dat
2009-09-03 14:45:56 . 2008-01-21 07:42:05 124228 ----a-w- C:\Windows\system32\perfc00C.dat
2009-09-02 23:51:00 . 2009-09-02 23:51:00 26785147 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
2009-09-02 23:45:26 . 2009-09-02 23:45:26 499712 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\msvcp71.dll
2009-09-02 23:45:26 . 2009-09-02 23:45:26 348160 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\msvcr71.dll
2009-09-02 23:45:22 . 2009-09-02 23:45:22 77824 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt.3.dll
2009-08-31 09:28:41 . 2009-08-31 09:28:27 0 d-----w- C:\Program Files\seRapid
2009-08-28 12:39:07 . 2009-09-03 07:09:22 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll
2009-08-28 10:15:30 . 2009-09-03 07:09:19 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-27 13:13:19 . 2009-01-05 11:33:46 0 d-----w- C:\Program Files\NetAppel
2009-08-27 13:12:18 . 2009-06-02 08:00:17 0 d-----w- C:\Users\Simon\AppData\Roaming\NetAppel
2009-08-21 13:00:18 . 2009-06-08 09:08:15 0 d-----w- C:\Users\Simon\AppData\Roaming\uTorrent
2009-08-21 12:09:12 . 2009-07-10 08:38:16 0 d-----w- C:\Program Files\K-Lite Codec Pack
2009-08-20 11:46:22 . 2009-08-20 11:46:22 0 d-----w- C:\Users\Simon\AppData\Roaming\Lunascape
2009-08-20 11:44:49 . 2009-08-20 11:44:49 0 d-----w- C:\Program Files\Lunascape
2009-08-19 07:02:11 . 2009-07-30 15:35:21 55656 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2009-08-18 11:28:40 . 2009-06-02 07:14:38 100672 ----a-w- C:\Users\Simon\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-18 07:50:31 . 2009-01-05 09:56:40 0 d-----w- C:\Program Files\Microsoft Works
2009-08-14 17:07:56 . 2009-09-28 07:05:47 897608 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2009-08-14 16:29:41 . 2009-09-28 07:05:47 104960 ----a-w- C:\Windows\system32\netiohlp.dll
2009-08-14 16:29:41 . 2009-09-28 07:05:44 17920 ----a-w- C:\Windows\system32\netevent.dll
2009-08-14 14:16:55 . 2009-09-28 07:05:46 9728 ----a-w- C:\Windows\system32\TCPSVCS.EXE
2009-08-14 14:16:55 . 2009-09-28 07:05:45 17920 ----a-w- C:\Windows\system32\ROUTE.EXE
2009-08-14 14:16:52 . 2009-09-28 07:05:45 11264 ----a-w- C:\Windows\system32\MRINFO.EXE
2009-08-14 14:16:51 . 2009-09-28 07:05:46 27136 ----a-w- C:\Windows\system32\NETSTAT.EXE
2009-08-14 14:16:50 . 2009-09-28 07:05:46 19968 ----a-w- C:\Windows\system32\ARP.EXE
2009-08-14 14:16:49 . 2009-09-28 07:05:46 8704 ----a-w- C:\Windows\system32\HOSTNAME.EXE
2009-08-14 14:16:49 . 2009-09-28 07:05:46 10240 ----a-w- C:\Windows\system32\finger.exe
2009-08-03 11:38:21 . 2009-08-03 11:38:45 410984 ----a-w- C:\Windows\system32\deploytk.dll
2009-07-31 12:52:15 . 2009-07-31 12:52:26 38208 ----a-w- C:\Users\Simon\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-07-21 21:52:28 . 2009-07-29 07:07:52 915456 ----a-w- C:\Windows\system32\wininet.dll
2009-07-21 21:47:28 . 2009-07-29 07:07:52 109056 ----a-w- C:\Windows\system32\iesysprep.dll
2009-07-21 21:47:27 . 2009-07-29 07:07:52 71680 ----a-w- C:\Windows\system32\iesetup.dll
2009-07-21 20:13:58 . 2009-07-29 07:07:52 133632 ----a-w- C:\Windows\system32\ieUnatt.exe
2009-07-17 14:35:11 . 2009-08-12 07:10:14 71680 ----a-w- C:\Windows\system32\atl.dll
2009-07-14 13:00:17 . 2009-08-12 07:10:00 313344 ----a-w- C:\Windows\system32\wmpdxm.dll
2009-07-14 12:59:28 . 2009-08-12 07:09:59 4096 ----a-w- C:\Windows\system32\dxmasf.dll
2009-07-14 12:58:44 . 2009-08-12 07:10:00 7680 ----a-w- C:\Windows\system32\spwmp.dll
2009-07-14 10:59:56 . 2009-08-12 07:09:59 8147456 ----a-w- C:\Windows\system32\wmploc.DLL
2009-07-11 19:32:52 . 2009-09-28 07:05:21 293376 ----a-w- C:\Windows\system32\wlanmsm.dll
2009-07-11 19:32:52 . 2009-09-28 07:05:14 513024 ----a-w- C:\Windows\system32\wlansvc.dll
2009-07-11 19:32:52 . 2009-09-28 07:05:14 302592 ----a-w- C:\Windows\system32\wlansec.dll
2009-07-11 19:29:04 . 2009-09-28 07:05:14 127488 ----a-w- C:\Windows\system32\L2SecHC.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-09-02 23:45:22 77824 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt.3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-09-02 23:45:22 77824 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt.3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-09-02 23:45:22 77824 ----a-w- C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt.3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38:12 121392 ----a-w- C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 02:23:55 1233920]
"NetAppel"="C:\Program Files\NetAppel\NetAppel.exe" [2009-07-17 11:53:07 9099056]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 10:34:04 5724184]
"Jing"="C:\Program Files\TechSmith\Jing\Jing.exe" [2009-05-25 23:03:08 2893064]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2009-04-23 13:51:38 691656]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2009-06-02 09:56:00 24264488]
"Google Update"="C:\Users\Simon\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-06 10:06:45 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 02:23:59 1008184]
"Acer Empowering Technology Monitor"="C:\Acer\Empowering Technology\SysMonitor.exe" [2008-04-15 14:11:18 326176]
"AutoLockProcess"="C:\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe" [2008-01-23 14:33:10 561152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 01:06:32 40048]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48:22 57344]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 22:38:28 526896]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 17:46:10 63048]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 22:01:01 52168]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdc.exe" [2007-01-24 11:21:26 563080]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-12-25 23:08:00 13683232]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-12-25 23:08:00 92704]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-05-26 15:18:30 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-06-05 11:39:22 292136]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:11 209153]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-08-03 11:38:26 148888]
"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2008-01-29 10:51:52 4911104]
C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe [2009-9-3 26785147]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
ASETRES.EXE [2008-4-14 20480]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2008-5-20 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"= C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C25D4E79-3934-4F16-8559-115981301687}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{73428F3B-FB8F-4022-AF04-DCEA01D4166D}"= UDP:990:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"TCP Query User{04E6974E-22C8-404D-89BB-4728E4CFDE25}C:\\program files\\microsoft office\\office12\\outlook.exe"= UDP:C:\program files\microsoft office\office12\outlook.exe:Microsoft Office Outlook
"UDP Query User{2A960729-59E8-46B2-B88D-FE869D350A45}C:\\program files\\microsoft office\\office12\\outlook.exe"= TCP:C:\program files\microsoft office\office12\outlook.exe:Microsoft Office Outlook
"{CBF71289-AD05-4F79-98A7-363AF23DEADB}"= UDP:5721:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}:@%systemroot%\WindowsMobile\wmdc.exe,-4002
"{ADDE234A-798D-4BCD-B0D4-B3EBA6E25E31}"= UDP:1034:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
"{F6266064-7F92-450A-B474-D482FE62F26B}"= UDP:5678:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
"{DB76B952-D3A5-48C2-91F2-BD20B84462C1}"= UDP:999:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
"{0F7E42F5-F13B-4266-8B94-BAB082B6D377}"= UDP:26675:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
"{1C9EA4C4-93A7-4B44-9A0B-0CB7692A23FD}"= UDP:990:LocalSubnet:LocalSubnet|IF={0A65AB2D-59AA-4678-80E1-A89AA753FE90}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001
"{53271EDE-85F4-4DE2-8793-54A0751C209D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{7D82AE62-B4C0-4E8A-AACA-63B5C21467E9}C:\\program files\\call of duty 4\\iw3mp.exe"= UDP:C:\program files\call of duty 4\iw3mp.exe:iw3mp
"UDP Query User{75070076-A0A7-45FD-B1DF-AD810AD7588C}C:\\program files\\call of duty 4\\iw3mp.exe"= TCP:C:\program files\call of duty 4\iw3mp.exe:iw3mp
"{06D048E6-9B9F-4E0F-991D-C97C5FD5A474}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{7C02C524-4E06-41F9-A4BB-D9D3868FDEEA}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{AA4307FB-ACBE-45F9-99A7-759ED3997DA0}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{2889F075-F9F0-479E-9090-CD04780C3A61}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{F719E976-EC11-4208-804D-372636309728}"= UDP:5721:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}:@%systemroot%\WindowsMobile\wmdc.exe,-4002
"{0649F210-CD22-4EA6-A2C1-9A547CB0212F}"= UDP:1034:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
"{DEE79333-471C-4FCD-A110-A7F1B17BAF61}"= UDP:5678:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
"{A38F6779-B319-481E-A015-185177BBFB26}"= UDP:999:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
"{385D357F-C62B-45FD-B278-C5A7431670D1}"= UDP:26675:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
"{D92D4573-49DA-4C44-8400-63D52D56418C}"= UDP:990:LocalSubnet:LocalSubnet|IF={70A5935F-0FD5-4C9D-9DAB-9BCD3E7B86B4}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001
"TCP Query User{25783556-81EF-4974-8C33-2C0E1A5AC9B7}C:\\program files\\secway\\simplite-msn 2.2\\simplite-msn.exe"= UDP:C:\program files\secway\simplite-msn 2.2\simplite-msn.exe:SimpPro
"UDP Query User{6ADB5580-7785-4580-BFC7-2D05D1DC7297}C:\\program files\\secway\\simplite-msn 2.2\\simplite-msn.exe"= TCP:C:\program files\secway\simplite-msn 2.2\simplite-msn.exe:SimpPro
"{33BC24AC-398E-48B1-8129-CC32EAE7240F}"= UDP:C:\Program Files\NetAppel\NetAppel.exe:NetAppel
"{43076226-E091-4753-A615-2EB6221E9A97}"= TCP:C:\Program Files\NetAppel\NetAppel.exe:NetAppel
"{35B3928B-54D5-4C1A-ADE9-E58366B7A404}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{482B5C02-B6B5-4807-830D-CF0F2E49DC18}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{57EDA746-87BC-49C2-A981-2C9C4E3E05EF}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{484DEC8C-3C83-4BE0-A9E5-489C85440D74}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{A5EFC7D8-9B96-4249-B7B7-0ACCF8F2C126}C:\\program files\\zattoo\\zattood.exe"= UDP:C:\program files\zattoo\zattood.exe:zattood
"UDP Query User{AF28FEE8-8791-417E-8022-2C698EDD8F7C}C:\\program files\\zattoo\\zattood.exe"= TCP:C:\program files\zattoo\zattood.exe:zattood
"{4B3DB011-57E0-402A-AC8F-B2B72644D8CC}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{200D89AD-7902-478C-930E-8AC42B503D9B}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{AE653238-8625-4DB4-952B-5996B33C0E15}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{FD2DE80E-E2B5-42E6-8ABE-06263AC0E4DC}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{FEA7590C-185A-4768-A0BA-4FBDB1AC20C6}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{18A220CB-0B50-4E80-8C4E-8F260991417A}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{FE5F8D25-A7EB-411E-8717-EDCB62DFDFF5}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{46393171-ECBC-444F-8665-246FC35C03E9}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D9CEB6FF-0F8A-46DA-8E10-0AAC0AA64B59}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{27F0AB5A-1882-4E35-80F5-31423849222D}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{61B57C03-F760-4CA1-8438-DE14E7124347}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{5400960E-4EED-4916-9983-E773C232CC1D}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{46B50DAA-BFD0-41F7-89AC-D203305C17BB}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{49BE9D21-1C0A-47A4-8FA1-5212292EA007}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{6DA831DA-95B7-4362-8CAE-BF320C79C4EF}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{609FA76C-8F03-43F4-A77C-68BA1A0153D2}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{F4E2847E-16E8-4286-9090-BE1185C59CD1}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{76A8DA20-6D24-415D-A02A-28E05710512F}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{AC406508-1DBF-42DB-8C21-EEBEDC36B395}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{903EAD21-1D35-46AB-9F70-1F29C7DAD554}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{32675B7C-498C-470E-BCFF-4E94BF80B036}C:\\program files\\zattoo\\zattoo.exe"= UDP:C:\program files\zattoo\zattoo.exe:
"UDP Query User{B6A64F11-D2A7-42CF-8E27-7BD6A95D64E4}C:\\program files\\zattoo\\zattoo.exe"= TCP:C:\program files\zattoo\zattoo.exe:
"{65FB419F-0711-4A1E-AB0B-7DA43B1D202F}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{6126C437-8555-4383-B003-E242D069D123}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D25F1B8B-3761-4DA9-B83C-1A9B32213727}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B76F813F-57AF-46C7-B787-94DA020576B6}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{4ECF04A8-7159-4248-8BCC-8724B6AF8AC4}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44CB8202-BA3F-48A8-997B-337017CA5988}"= UDP:C:\Program Files\Spotify\spotify.exe:Spotify
"{0397781F-5365-43AA-A168-24553C735D08}"= TCP:C:\Program Files\Spotify\spotify.exe:Spotify
"{9AA5BC05-A155-407A-A3EE-D45FE7A51334}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{C73EC226-E364-4761-96F2-342DB8D31153}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{BDF81001-DFDA-43FE-B63E-DCE863BB2BBA}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{3BA0F2D4-8FB9-483E-A9A4-F5894BB8E903}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{0BE28AC1-3974-4464-931C-90327B38601E}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{1ED93B91-4670-4CB1-B0C0-3CF633B8B83B}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{95905E66-267D-4F2B-918F-767EAE34D4ED}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{654C0CDD-0B25-4069-A31C-0E76F81DE46D}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{1D0D2485-3C35-488A-AA20-58C33C517D60}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{65EF6C9D-8DCE-4F5D-8E45-13E2484717D1}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D0810B34-1F36-4A83-8026-321756BE4F25}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{9ACB1A4F-2A12-4028-909F-CD14018535F3}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{9DA8001C-05F3-4AE4-AE37-2756ED0B17B4}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{57F37E0E-1192-4551-A72F-27AA2F77FE6D}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{63E34994-FBF9-4273-A17D-FAFB251F92D7}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{2278334A-7304-409C-BD08-9891168D24F1}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{8421188E-E91D-4A8B-98FE-5064691D9F4F}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{6F09A071-75F0-460E-A295-172B7912CC95}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{E76A97B4-435A-443B-B0E8-C2BA59569F7B}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{73EB3F1A-B763-41F6-99D4-02D17B4BFCD1}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{347C8503-C5C8-44A9-B9FC-9881EE58B0F3}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{4BA12FDB-C278-49A8-A953-BE32E1E5BF7D}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{04F224BF-F3EC-4646-AE74-B61ECDAF6F19}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B36B45A5-86D3-4027-953B-80F22EDAF823}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D7115EF1-7355-4493-A901-A4D5DD38648C}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{C1B16398-236D-4CCA-A162-E87CB1689623}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{1EDED898-52BA-4662-B6BB-B3FAE355E526}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{069B14AC-A743-4B43-9B27-AA41B4D5B7E5}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{222AEE24-BD57-4C03-AE85-209D8BC35ED9}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{A5C54F9A-BE52-42B1-B3A5-55896C0E5D9B}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{120E081B-267B-4E94-8DC2-1F44707825A3}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"= C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver;C:\Windows\System32\drivers\eLock2burnerlockdriver.sys [20.05.2008 23:11:20 22048]
R0 pavboot;pavboot;C:\Windows\System32\drivers\pavboot.sys [05.10.2009 11:06:57 28544]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files\Avira\AntiVir Desktop\sched.exe [30.07.2009 17:35:20 108289]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;C:\Windows\System32\drivers\eLock2FSCTLDriver.sys [20.05.2008 23:11:20 86048]
R2 eProtection;eProtection Service;C:\Program Files\Acer\eProtection\service\eProtectionServ.exe [20.05.2008 23:10:37 24576]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\rainfo.sys [24.07.2008 19:46:12 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [05.01.2009 10:46:38 47640]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
.
Contenu du dossier 'Tâches planifiées'
2009-10-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4123799123-1532054555-1242224909-1144Core.job
- C:\Users\Simon\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-06 10:06:46 . 2009-07-06 10:06:45]
2009-10-07 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4123799123-1532054555-1242224909-1144UA.job
- C:\Users\Simon\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-06 10:06:46 . 2009-07-06 10:06:45]
2009-10-06 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20:38 . 2007-10-19 10:20:38]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: {C83EE8FE-057B-43E1-A333-7DFFA3AAE9BD} = 192.168.0.2,192.168.0.1
FF - ProfilePath - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\a2x2jijk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\a2x2jijk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npornap.dll
FF - plugin: C:\Users\Simon\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-Apanel - C:\ACERSW\config\SetApanel.cmd
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-pdfSaver3 - (no file)
However, the program completely messed up my network connection... I set it back the way it was before.
See you later