HijackThis report

Ret -  
Narco!4 Posts 2446 Status Contributor -
Hello,
After having connection problems (through the Livebox) I contacted Orange --> I could no longer access the Livebox (the computer no longer seemed able to communicate with it); the adviser told me to disable all startup items and services and, like magic, it worked again --> conclusion: I set out to hunt down the offending item.
After surfing for quite a while, I have ended up posting the report from running HijackThis, hoping that someone can explain to me what to do (in particular what attitude to take toward "1.exe", which incidentally is invisible in Explorer).

Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:19, on 28/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Hijackthis\HijackThis.exe
C:\Documents and Settings\1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE /P31 "EPSON Stylus Photo RX700 Series" /O6 "USB001" /M "Stylus Photo RX700"
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [1] C:\Documents and Settings\1\1.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
10 replies

Narco!4 Posts 2446 Status Contributor 467
 
Hello,

download GenProc http://www.genproc.com/GenProc.exe

double-click GenProc.exe and post the contents of the report that opens
2
Ret
 
Why does Kaspersky hate it?
0
Narco!4 Posts 2446 Status Contributor 467
 
accept it
0
Ret
 
Here is the report:

Rapport GenProc 2.652 [2] - 28/11/2009 à 14:47:21
@ Windows XP Service Pack 3 - Mode normal
@ Google Chrome 3.0.195.33 [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Fais scanner le(s) fichier(s) suivant(s) sur ce site https://www.virustotal.com/gui/ :

C:\WINDOWS\CDE RX700FGD.ini

et poste le(s) rapport(s) obtenu(s) dans ta prochaine réponse.

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

Rapport de ZHPDiag v1.24.34 par Nicolas Coolman
Run by 1 at 28/11/2009 14:48:46
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v8.0.6001.18702

Boot mode: Normal (Normal boot)
Total RAM: 3063 MB (73% free)
System drive C: has 890 GB (95%) free of 932 GB

---\\
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe

---\\
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp

---\\
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

---\\
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll

---\\
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

---\\
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

---\\
O4 - HKLM\..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE /P31 EPSON Stylus Photo RX700 Series /O6 USB001 /M Stylus Photo RX700
O4 - HKLM\..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [1] C:\Documents and Settings\1\1.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

---\\
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

---\\
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kbrd.ico
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\logo.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...

---\\
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll

---\\
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

---\\
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

---\\
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\
O23 - Service: ASUS System Control Service (AsSysCtrlService) - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Kaspersky Internet Security (AVP) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" -r
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: Process Monitor (LVPrcSrv) - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Performance Driver Service (NVIDIA Performance Driver Service) - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe

---\\
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003UA.job

---\\
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: AsIO (AsIO) - C:\WINDOWS\system32\drivers\AsIO.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: Interface de gestion Microsoft Windows pour ACPI (WmiAcpi) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

---\\
O42 - Logiciel: 7-Zip 4.65
O42 - Logiciel: Adobe Bridge 1.0
O42 - Logiciel: Adobe Common File Installer
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Help Center 1.0
O42 - Logiciel: Adobe Photoshop CS2
O42 - Logiciel: Adobe Reader 8.1.1
O42 - Logiciel: Adobe Stock Photos 1.0
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Blender (remove only)
O42 - Logiciel: Bonjour
O42 - Logiciel: CDDRV_Installer
O42 - Logiciel: CleanUp!
O42 - Logiciel: Counter-Strike
O42 - Logiciel: DVD Solution
O42 - Logiciel: EPSON Attach To Email
O42 - Logiciel: EPSON Copy Utility 3
O42 - Logiciel: EPSON Easy Photo Print
O42 - Logiciel: EPSON Event Manager
O42 - Logiciel: EPSON File Manager
O42 - Logiciel: EPSON Image Clip Palette
O42 - Logiciel: EPSON Logiciel imprimante
O42 - Logiciel: EPSON PRINT Image Framer Tool
O42 - Logiciel: EPSON Print CD
O42 - Logiciel: EPSON Scan Assistant
O42 - Logiciel: EPSON Web-To-Page
O42 - Logiciel: ESPRX700 Guide d'utilisation
O42 - Logiciel: Express Gate Updater
O42 - Logiciel: GPGNet
O42 - Logiciel: GUILD WARS
O42 - Logiciel: Garena
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: Kaspersky Internet Security 2010
O42 - Logiciel: KhalInstallWrapper
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Left 4 Dead 2 Demo
O42 - Logiciel: LimeWire 5.3.6
O42 - Logiciel: Logitech Registration
O42 - Logiciel: Logitech SetPoint
O42 - Logiciel: Logitech Webcam Software
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
O42 - Logiciel: Marvell Miniport Driver
O42 - Logiciel: Mass Effect
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Multimedia Launcher
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: NVIDIA Performance Drivers
O42 - Logiciel: NVIDIA nView Desktop Manager
O42 - Logiciel: Nero OEM
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PIF DESIGNER
O42 - Logiciel: PowerDVD
O42 - Logiciel: Python 2.6.2
O42 - Logiciel: QuickTime
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: Samsung PC Studio
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: SoundMAX
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Steam
O42 - Logiciel: Supreme Commander
O42 - Logiciel: TmNationsForever
O42 - Logiciel: Tunatic
O42 - Logiciel: TurboV
O42 - Logiciel: UDPixel.exe
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
O42 - Logiciel: VLC media player 1.0.2
O42 - Logiciel: Vodafone 804SS USB driver Software
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)
O42 - Logiciel: Windows Internet Explorer 8
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: iTunes
O42 - Logiciel: marvell 61xx

---\\
O44 - LFC:Last File Created 04/11/2009 - 21:39:04 ---A- C:\WINDOWS\KB975467.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:13 ---A- C:\WINDOWS\KB954154.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:18 ---A- C:\WINDOWS\msxml4-KB954430-enu.LOG
O44 - LFC:Last File Created 04/11/2009 - 21:39:22 ---A- C:\WINDOWS\KB973525.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:26 ---A- C:\WINDOWS\KB971961-IE8.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:32 ---A- C:\WINDOWS\KB971486.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:36 ---A- C:\WINDOWS\KB952069.log
O44 - LFC:Last File Created 04/11/2009 - 21:39:52 ---A- C:\WINDOWS\KB939683.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:00 ---A- C:\WINDOWS\setupapi.log.0.old
O44 - LFC:Last File Created 04/11/2009 - 21:40:04 ---A- C:\WINDOWS\KB929399.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:19 ---A- C:\WINDOWS\KB973540.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:29 ---A- C:\WINDOWS\System32\lvcoinst.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:31 ---A- C:\WINDOWS\KB941569.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:35 ---A- C:\WINDOWS\KB974571.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:38 ---A- C:\WINDOWS\KB975025.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:41 ---A- C:\WINDOWS\KB956844.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:49 ---A- C:\WINDOWS\KB974112.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:52 ---A- C:\WINDOWS\KB954155.log
O44 - LFC:Last File Created 04/11/2009 - 21:40:58 ---A- C:\WINDOWS\KB961503.log
O44 - LFC:Last File Created 04/11/2009 - 21:41:01 ---A- C:\WINDOWS\KB968816.log
O44 - LFC:Last File Created 04/11/2009 - 21:41:06 ---A- C:\WINDOWS\KB969059.log
O44 - LFC:Last File Created 04/11/2009 - 21:42:04 ---A- C:\WINDOWS\KB958869.log
O44 - LFC:Last File Created 04/11/2009 - 21:42:23 ---A- C:\WINDOWS\KB974455-IE8.log
O44 - LFC:Last File Created 05/11/2009 - 18:36:21 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 05/11/2009 - 21:00:32 ---A- C:\WINDOWS\KB976749-IE8.log
O44 - LFC:Last File Created 06/11/2009 - 17:13:50 ---A- C:\WINDOWS\spupdsvc.log
O44 - LFC:Last File Created 06/11/2009 - 21:00:46 ---A- C:\WINDOWS\KB961118.log
O44 - LFC:Last File Created 07/11/2009 - 12:12:01 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 07/11/2009 - 12:12:02 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 07/11/2009 - 12:12:02 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 07/11/2009 - 12:12:02 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 07/11/2009 - 12:12:02 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 07/11/2009 - 12:12:12 ---A- C:\WINDOWS\System32\jupdate-1.6.0_17-b04.log
O44 - LFC:Last File Created 07/11/2009 - 19:06:45 ---A- C:\WINDOWS\CDE RX700FGD.ini
O44 - LFC:Last File Created 07/11/2009 - 19:07:07 ---A- C:\WINDOWS\EPSMTL32.TXT
O44 - LFC:Last File Created 07/11/2009 - 19:08:01 ---A- C:\WINDOWS\EPSTPLOG.TXT
O44 - LFC:Last File Created 07/11/2009 - 19:14:59 ---A- C:\WINDOWS\DEBUGSM.INI
O44 - LFC:Last File Created 10/11/2009 - 23:08:24 ---A- C:\WINDOWS\System32\QuickTime.qts
O44 - LFC:Last File Created 10/11/2009 - 23:08:24 ---A- C:\WINDOWS\System32\QuickTimeVR.qtx
O44 - LFC:Last File Created 11/11/2009 - 00:14:12 ---A- C:\WINDOWS\KB969947.log
O44 - LFC:Last File Created 15/11/2009 - 14:14:58 ---A- C:\WINDOWS\DirectX.log
O44 - LFC:Last File Created 15/11/2009 - 19:00:04 ---A- C:\WINDOWS\wmsetup.log
O44 - LFC:Last File Created 18/11/2009 - 21:39:40 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 24/11/2009 - 22:12:53 ---A- C:\WINDOWS\msxml4-KB973688-enu.LOG
O44 - LFC:Last File Created 24/11/2009 - 22:13:08 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:23 ---A- C:\WINDOWS\KB973687.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:23 ---A- C:\WINDOWS\imsins.BAK
O44 - LFC:Last File Created 24/11/2009 - 22:13:29 ---A- C:\WINDOWS\msmqinst.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:36 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:36 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:38 ---A- C:\WINDOWS\MedCtrOC.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:38 ---A- C:\WINDOWS\System32\TZLog.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:38 ---A- C:\WINDOWS\netfxocm.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:38 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\KB976098-v2.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\tabletoc.log
O44 - LFC:Last File Created 24/11/2009 - 22:13:39 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 24/11/2009 - 22:14:01 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 28/11/2009 - 14:07:32 ---A- C:\WINDOWS\system.ini
O44 - LFC:Last File Created 28/11/2009 - 14:07:32 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 28/11/2009 - 14:07:32 -SH-- C:\boot.ini
O44 - LFC:Last File Created 28/11/2009 - 14:07:41 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 28/11/2009 - 14:09:05 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 28/11/2009 - 14:09:10 ---A- C:\WINDOWS\System32\NvwsApps.xml
O44 - LFC:Last File Created 28/11/2009 - 14:09:24 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 28/11/2009 - 14:09:26 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 28/11/2009 - 14:09:31 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 28/11/2009 - 14:09:36 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 28/11/2009 - 14:10:24 ---A- C:\WINDOWS\WindowsUpdate.log

---\\
O51 - MPSK:{c4df4c04-aab2-11de-a9f4-806d6172696f}\Shell\AutoRun\command - F:\BlueBirds.exe

---\\
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: GenProc

End of the scan: 360 lines

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 14:48:56 ~~

Ret
 
And here is the requested analysis:

MD5: 40fdf3546b2dd93413c2223169683979
First received: 2009.03.25 01:23:34 UTC
Date 2009.07.13 18:05:48 UTC [>137D]
Résultats 0/41
Permalink: analisis/bcddb9e611ebc7c16e4d0df68ae59eb7bc1d792e269bde8707d665d510bae697-1247508348
Narco!4 Posts 2446 Status Contributor 467
 
[*] Download ComboFix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop
[*] Double-click combofix.exe and follow the instructions.
[*] Install the Recovery Console if offered, and continue.
[*] When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
Ret
 
Right now I'm connected from another device: it has stayed stuck on the restart prompt... I can open the Task Manager; should I use it to restart?
Narco!4 Posts 2446 Status Contributor 467
 
yes
Ret
 
Here are the reports (I ran ComboFix a second time because during the first run it had not been able to download the Recovery Console):

1st (without console):

ComboFix 09-11-27.07 - 1 28/11/2009 15:09.1.8 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3063.2665 [GMT 1:00]
Lancé depuis: c:\documents and settings\1\Mes documents\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-10-28 au 2009-11-28 ))))))))))))))))))))))))))))))))))))
.

2009-11-28 13:36 . 2009-11-28 13:47 -------- d-----w- C:\GenProc
2009-11-28 12:52 . 2009-11-28 13:10 -------- d-----w- C:\Hijackthis
2009-11-28 12:36 . 2009-11-28 12:37 -------- d-----w- c:\program files\CleanUp!
2009-11-28 12:36 . 2009-11-28 12:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-28 12:36 . 2009-11-28 12:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-23 21:18 . 2009-11-23 23:38 -------- d-----w- c:\documents and settings\1\Application Data\Apple Computer
2009-11-23 21:18 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-23 21:18 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-23 21:17 . 2009-11-23 21:17 -------- d-----w- c:\program files\iPod
2009-11-23 21:17 . 2009-11-23 21:18 -------- d-----w- c:\program files\iTunes
2009-11-23 21:17 . 2009-11-23 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-23 21:17 . 2009-11-23 21:17 -------- d-----w- c:\program files\Bonjour
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\program files\QuickTime
2009-11-23 21:15 . 2009-11-23 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Apple
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\program files\Apple Software Update
2009-11-23 21:15 . 2009-08-28 18:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-11-23 21:15 . 2009-08-28 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-11-23 21:14 . 2009-11-23 23:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-11-23 21:14 . 2009-11-23 21:17 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-11-23 21:13 . 2009-11-23 23:36 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Apple Computer
2009-11-20 18:32 . 2009-11-20 18:32 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-20 18:32 . 2009-11-22 19:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-20 18:31 . 2009-11-23 23:17 -------- d-----w- c:\documents and settings\1\Application Data\DAEMON Tools Lite
2009-11-20 18:31 . 2009-11-20 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-19 19:42 . 2009-11-19 19:42 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Identities
2009-11-17 17:54 . 2009-11-17 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-11-17 17:54 . 2009-11-17 17:54 -------- d-----w- c:\program files\Fichiers communs\Adobe Systems Shared
2009-11-15 13:28 . 2009-11-15 13:28 81920 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\connecthook.dll
2009-11-15 13:28 . 2009-11-15 13:28 190976 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\connectsprd.dll
2009-11-15 13:28 . 2009-11-15 13:28 4183224 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\acaddin.exe
2009-11-15 12:52 . 2009-11-15 12:52 -------- d-----w- c:\program files\7-Zip
2009-11-14 13:41 . 2009-11-19 20:07 -------- d-----w- c:\program files\Garena
2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-07 18:14 . 2009-11-23 19:48 -------- d-----w- c:\documents and settings\1\Application Data\EPSON
2009-11-07 18:11 . 2009-11-07 18:11 -------- d-----w- c:\program files\EPSON Print CD
2009-11-07 18:09 . 2009-11-07 18:13 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2009-11-07 18:06 . 2009-11-07 18:11 -------- d-----w- c:\program files\EPSON
2009-11-07 18:06 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-11-07 18:06 . 2004-09-30 05:06 79686 ----a-w- c:\windows\system32\E_FLM9IE.DLL
2009-11-07 18:06 . 2003-05-21 02:27 64000 ----a-w- c:\windows\system32\E_FBCB9IE.DLL
2009-11-07 18:06 . 2000-06-07 01:01 34304 ----a-w- c:\windows\system32\E_FBCH9IE.DLL
2009-11-07 18:05 . 2008-04-13 10:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-07 18:05 . 2008-04-13 10:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-07 18:05 . 2008-04-13 10:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-07 18:05 . 2008-04-13 10:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-07 18:05 . 2003-06-30 23:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2009-11-07 18:05 . 2003-06-30 23:00 29696 ----a-w- c:\windows\system32\escwiad.dll
2009-11-07 18:05 . 2003-06-30 23:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2009-11-07 11:11 . 2009-11-07 11:11 152576 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-07 11:11 . 2009-11-07 11:11 79488 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\program files\MSBuild
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\program files\Reference Assemblies
2009-11-05 23:57 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-05 23:57 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-05 23:57 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-05 23:57 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-05 23:57 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-05 23:57 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-05 23:57 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-05 17:20 . 2009-11-05 17:20 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-11-04 20:49 . 2009-11-04 20:49 -------- d-----w- c:\windows\Sun
2009-11-04 20:40 . 2009-11-04 20:40 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-04 20:40 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-11-04 20:39 . 2009-11-04 20:39 -------- d-----w- c:\program files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-28 18:10 . 2009-10-27 23:20 -------- d-----w- c:\program files\Steam
2009-11-28 13:09 . 2009-09-26 15:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-11-28 10:28 . 2009-11-14 14:11 -------- d-----w- c:\documents and settings\1\Application Data\LimeWire
2009-11-25 23:24 . 2009-09-30 20:58 -------- d-----w- c:\documents and settings\1\Application Data\vlc
2009-11-21 10:08 . 2009-10-07 16:24 -------- d-----w- c:\documents and settings\1\Application Data\Skype
2009-11-21 07:09 . 2009-10-07 16:25 -------- d-----w- c:\documents and settings\1\Application Data\skypePM
2009-11-17 18:32 . 2009-08-27 15:30 12912 ----a-w- c:\documents and settings\1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-17 17:58 . 2009-08-27 15:32 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-16 21:08 . 2009-10-15 17:19 -------- d-----w- c:\program files\Logitech
2009-11-09 21:53 . 2009-09-30 21:12 -------- d-----w- c:\documents and settings\1\Application Data\dvdcss
2009-11-07 18:15 . 2009-08-27 15:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-07 18:14 . 2009-08-27 15:13 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-11-07 11:12 . 2009-10-27 23:22 -------- d-----w- c:\program files\Java
2009-11-07 11:12 . 2008-04-14 12:00 80748 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-07 11:12 . 2008-04-14 12:00 500900 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-05 17:19 . 2009-09-26 10:18 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-04 22:39 . 2009-10-28 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\TrackMania
2009-10-29 14:14 . 2009-10-29 14:14 -------- d-----w- c:\program files\Zone Labs
2009-10-28 22:43 . 2009-10-28 22:43 1961720 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-10-28 16:46 . 2009-10-15 17:10 -------- d-----w- c:\program files\Fichiers communs\logishrd
2009-10-27 23:44 . 2009-10-27 23:42 -------- d-----w- c:\documents and settings\1\Application Data\Teeworlds
2009-10-27 23:23 . 2009-10-27 23:21 -------- d-----w- c:\program files\LimeWire
2009-10-27 23:22 . 2009-10-27 23:22 152576 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-24 22:04 . 2009-10-24 21:47 -------- d-----w- c:\program files\Mass Effect
2009-10-24 22:04 . 2009-10-24 17:21 -------- d-----w- c:\program files\Fichiers communs\BioWare
2009-10-24 18:26 . 2009-08-27 15:21 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-24 18:26 . 2009-10-24 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-24 18:08 . 2009-10-24 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-24 17:45 . 2009-09-26 10:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-17 11:41 . 2009-10-17 11:39 -------- d-----w- c:\documents and settings\1\Application Data\U3
2009-10-15 18:08 . 2009-10-15 18:08 -------- d-----w- c:\documents and settings\1\Application Data\Logitech
2009-10-15 18:08 . 2009-10-15 18:08 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-10-15 18:08 . 2009-10-15 18:08 -------- d-----w- c:\program files\Fichiers communs\LogiShared
2009-10-15 18:06 . 2009-10-15 18:06 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-15 18:06 . 2009-10-15 18:05 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-10-15 18:05 . 2009-10-15 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-10-15 18:05 . 2009-10-15 18:05 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{56918C0C-0D87-4CA6-92BF-4975A43AC719}\ARPPRODUCTICON.exe
2009-10-15 18:04 . 2009-10-15 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-10-15 17:02 . 2009-10-15 17:02 119808 ----a-w- c:\windows\lsb_un20.exe
2009-10-15 17:02 . 2009-10-15 17:02 -------- d-----w- c:\program files\Tunatic
2009-10-15 16:47 . 2009-10-15 16:20 -------- d-----w- c:\program files\UDPixel
2009-10-14 16:56 . 2009-09-26 15:53 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 16:56 . 2009-09-26 15:53 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-11 03:17 . 2009-10-27 23:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-09 16:33 . 2009-10-09 16:33 -------- d-----w- c:\program files\Samsung
2009-10-07 16:25 . 2009-10-07 16:25 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----r- c:\program files\Skype
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-05 22:11 . 2009-10-05 22:11 -------- d--h--r- c:\documents and settings\1\Application Data\SecuROM
2009-09-30 20:42 . 2009-09-30 20:42 -------- d-----w- c:\program files\VideoLAN
2009-09-29 21:22 . 2009-09-29 21:22 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-29 18:48 . 2009-09-29 18:48 -------- d-----w- c:\documents and settings\1\Application Data\Blender Foundation
2009-09-29 18:47 . 2009-09-29 18:47 -------- d-----w- c:\program files\Blender Foundation
2009-09-29 17:34 . 2009-08-27 14:55 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-26 10:07 . 2009-09-26 10:07 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-09-26 10:07 . 2009-09-26 10:07 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-09-26 10:07 . 2009-09-26 10:07 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-09-26 10:07 . 2009-09-26 10:07 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-09-26 10:07 . 2009-09-26 10:07 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-09-26 10:07 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-09-26 10:07 . 2009-09-26 10:07 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-09-26 10:07 . 2009-09-26 10:07 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-09-26 10:07 . 2009-09-26 10:07 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-09-26 10:06 . 2009-09-26 10:06 296976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-09-26 10:06 . 2009-09-26 10:06 128016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-09-26 09:55 . 2009-09-26 09:55 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-09-12 23:31 . 2009-10-24 18:25 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-12 23:31 . 2009-10-24 18:25 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-12 23:31 . 2009-10-24 18:25 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-12 23:31 . 2009-08-27 15:20 485992 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-12 23:31 . 2009-03-17 16:09 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-12 23:31 . 2009-03-17 16:09 7653184 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-12 23:31 . 2009-03-17 16:09 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-12 23:31 . 2009-03-17 16:09 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-12 23:31 . 2009-03-17 16:09 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-12 23:31 . 2009-03-17 16:09 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-09-12 23:31 . 2009-03-17 16:09 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-12 17:11 . 2009-09-12 17:11 2505320 ----a-w- c:\windows\system32\nvcpluir.dll
2009-09-12 17:11 . 2009-09-12 17:11 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-11 14:18 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-09 12:21 . 2009-08-27 15:19 485992 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-04 21:04 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 15:44 . 2009-10-07 16:53 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44 . 2009-10-07 16:53 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:44 . 2009-10-07 16:53 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:29 . 2009-10-07 16:53 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2004-10-01 13:00 . 2009-08-27 15:31 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-27 1217808]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo RX700 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE" [2004-11-10 98304]
"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2008-10-21 4040192]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-14 1040384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-12 13918208]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-10-15 692224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^1^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=c:\documents and settings\1\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^1^Menu Démarrer^Programmes^Démarrage^LimeWire On Startup.lnk]
path=c:\documents and settings\1\Menu Démarrer\Programmes\Démarrage\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"Adobe LM Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"c:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 19:41 33808]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [23/06/2008 23:21 150568]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2009 19:32 691696]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [19/07/2009 22:55 4446752]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 16:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 19:59 19472]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [27/08/2009 16:16 86016]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp --> c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp [?]
.
Contenu du dossier 'Tâches planifiées'

2009-11-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003Core.job
- c:\documents and settings\1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-26 09:58]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003UA.job
- c:\documents and settings\1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-26 09:58]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-PowerBar - (no file)
AddRemove-Guild Wars - g:\sauvegardes\Program Files\GUILD WARS\Gw.exe
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
AddRemove-Steam App 10 - c:\program files\Steam\steam.exe steam://uninstall/10
AddRemove-Steam App 590 - c:\program files\Steam\steam.exe steam://uninstall/590

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-28 19:10
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D?????:~????????????&?:~l?@?l?@????? ?????????????<~0?:~????&?:~?x:~x????????x:~???????? ???????????s??|x???0???????????Q?jtA?:~?????????????????!??????P???????l?@?l?@?????zw:~????t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_??s8?@?8?@

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1957994488-1482476501-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:c3,4a,6d,01,95,c0,96,3b,4b,18,0c,bb,4b,0b,35,f6,1c,ae,76,15,b5,
b1,a5,8e,0e,14,59,36,d3,fe,4e,11,00,22,7d,6a,e2,7f,b1,bb,b3,f9,89,aa,bc,58,\
"rkeysecu"=hex:4b,23,69,1d,9e,b1,65,71,ff,ae,4b,6d,49,5c,e0,0a
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2220)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
.
**************************************************************************
.
Heure de fin: 2009-11-28 19:12 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-28 18:12

Avant-CF: 955 681 153 024 octets libres
Après-CF: 956 599 230 464 octets libres

- - End Of File - - 35093AFE090B9996A640F4C5C5C96290

2nd (with console):

ComboFix 09-11-28.03 - 1 29/11/2009 10:54.2.8 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3063.2537 [GMT 1:00]
Lancé depuis: c:\documents and settings\1\Mes documents\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-10-28 au 2009-11-29 ))))))))))))))))))))))))))))))))))))
.

2009-11-28 13:36 . 2009-11-28 13:47 -------- d-----w- C:\GenProc
2009-11-28 12:52 . 2009-11-28 13:10 -------- d-----w- C:\Hijackthis
2009-11-28 12:36 . 2009-11-28 12:37 -------- d-----w- c:\program files\CleanUp!
2009-11-28 12:36 . 2009-11-28 12:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-28 12:36 . 2009-11-28 12:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-23 21:18 . 2009-11-23 23:38 -------- d-----w- c:\documents and settings\1\Application Data\Apple Computer
2009-11-23 21:18 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-23 21:18 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-23 21:17 . 2009-11-23 21:17 -------- d-----w- c:\program files\iPod
2009-11-23 21:17 . 2009-11-23 21:18 -------- d-----w- c:\program files\iTunes
2009-11-23 21:17 . 2009-11-23 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-23 21:17 . 2009-11-23 21:17 -------- d-----w- c:\program files\Bonjour
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\program files\QuickTime
2009-11-23 21:15 . 2009-11-23 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Apple
2009-11-23 21:15 . 2009-11-23 21:15 -------- d-----w- c:\program files\Apple Software Update
2009-11-23 21:15 . 2009-08-28 18:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-11-23 21:15 . 2009-08-28 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-11-23 21:14 . 2009-11-23 23:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-11-23 21:14 . 2009-11-23 21:17 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-11-23 21:13 . 2009-11-23 23:36 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Apple Computer
2009-11-20 18:32 . 2009-11-20 18:32 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-20 18:32 . 2009-11-22 19:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-20 18:31 . 2009-11-23 23:17 -------- d-----w- c:\documents and settings\1\Application Data\DAEMON Tools Lite
2009-11-20 18:31 . 2009-11-20 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-19 19:42 . 2009-11-19 19:42 -------- d-----w- c:\documents and settings\1\Local Settings\Application Data\Identities
2009-11-17 17:54 . 2009-11-17 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-11-17 17:54 . 2009-11-17 17:54 -------- d-----w- c:\program files\Fichiers communs\Adobe Systems Shared
2009-11-15 13:28 . 2009-11-15 13:28 81920 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\connecthook.dll
2009-11-15 13:28 . 2009-11-15 13:28 190976 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\connectsprd.dll
2009-11-15 13:28 . 2009-11-15 13:28 4183224 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\acaddin.exe
2009-11-15 12:52 . 2009-11-15 12:52 -------- d-----w- c:\program files\7-Zip
2009-11-14 13:41 . 2009-11-19 20:07 -------- d-----w- c:\program files\Garena
2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-07 18:14 . 2009-11-23 19:48 -------- d-----w- c:\documents and settings\1\Application Data\EPSON
2009-11-07 18:11 . 2009-11-07 18:11 -------- d-----w- c:\program files\EPSON Print CD
2009-11-07 18:09 . 2009-11-07 18:13 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2009-11-07 18:06 . 2009-11-07 18:11 -------- d-----w- c:\program files\EPSON
2009-11-07 18:06 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-11-07 18:06 . 2004-09-30 05:06 79686 ----a-w- c:\windows\system32\E_FLM9IE.DLL
2009-11-07 18:06 . 2003-05-21 02:27 64000 ----a-w- c:\windows\system32\E_FBCB9IE.DLL
2009-11-07 18:06 . 2000-06-07 01:01 34304 ----a-w- c:\windows\system32\E_FBCH9IE.DLL
2009-11-07 18:05 . 2008-04-13 10:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-07 18:05 . 2008-04-13 10:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-07 18:05 . 2008-04-13 10:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-07 18:05 . 2008-04-13 10:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-07 18:05 . 2003-06-30 23:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2009-11-07 18:05 . 2003-06-30 23:00 29696 ----a-w- c:\windows\system32\escwiad.dll
2009-11-07 18:05 . 2003-06-30 23:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2009-11-07 11:11 . 2009-11-07 11:11 152576 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-07 11:11 . 2009-11-07 11:11 79488 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\program files\MSBuild
2009-11-05 23:58 . 2009-11-05 23:58 -------- d-----w- c:\program files\Reference Assemblies
2009-11-05 23:57 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-05 23:57 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-05 23:57 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-05 23:57 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-05 23:57 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-05 23:57 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-05 23:57 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-05 17:20 . 2009-11-05 17:20 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-11-04 20:49 . 2009-11-04 20:49 -------- d-----w- c:\windows\Sun
2009-11-04 20:40 . 2009-11-04 20:40 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-04 20:40 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-11-04 20:39 . 2009-11-04 20:39 -------- d-----w- c:\program files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-29 09:50 . 2009-10-27 23:20 -------- d-----w- c:\program files\Steam
2009-11-29 09:49 . 2009-09-26 15:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-11-28 10:28 . 2009-11-14 14:11 -------- d-----w- c:\documents and settings\1\Application Data\LimeWire
2009-11-25 23:24 . 2009-09-30 20:58 -------- d-----w- c:\documents and settings\1\Application Data\vlc
2009-11-21 10:08 . 2009-10-07 16:24 -------- d-----w- c:\documents and settings\1\Application Data\Skype
2009-11-21 07:09 . 2009-10-07 16:25 -------- d-----w- c:\documents and settings\1\Application Data\skypePM
2009-11-17 18:32 . 2009-08-27 15:30 12912 ----a-w- c:\documents and settings\1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-17 17:58 . 2009-08-27 15:32 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-16 21:08 . 2009-10-15 17:19 -------- d-----w- c:\program files\Logitech
2009-11-09 21:53 . 2009-09-30 21:12 -------- d-----w- c:\documents and settings\1\Application Data\dvdcss
2009-11-07 18:15 . 2009-08-27 15:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-07 18:14 . 2009-08-27 15:13 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-11-07 11:12 . 2009-10-27 23:22 -------- d-----w- c:\program files\Java
2009-11-07 11:12 . 2008-04-14 12:00 80748 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-07 11:12 . 2008-04-14 12:00 500900 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-05 17:19 . 2009-09-26 10:18 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-04 22:39 . 2009-10-28 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\TrackMania
2009-10-29 14:14 . 2009-10-29 14:14 -------- d-----w- c:\program files\Zone Labs
2009-10-28 22:43 . 2009-10-28 22:43 1961720 ----a-w- c:\documents and settings\1\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-10-28 16:46 . 2009-10-15 17:10 -------- d-----w- c:\program files\Fichiers communs\logishrd
2009-10-27 23:44 . 2009-10-27 23:42 -------- d-----w- c:\documents and settings\1\Application Data\Teeworlds
2009-10-27 23:23 . 2009-10-27 23:21 -------- d-----w- c:\program files\LimeWire
2009-10-27 23:22 . 2009-10-27 23:22 152576 ----a-w- c:\documents and settings\1\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-24 22:04 . 2009-10-24 21:47 -------- d-----w- c:\program files\Mass Effect
2009-10-24 22:04 . 2009-10-24 17:21 -------- d-----w- c:\program files\Fichiers communs\BioWare
2009-10-24 18:26 . 2009-08-27 15:21 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-24 18:26 . 2009-10-24 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-24 18:08 . 2009-10-24 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-24 17:45 . 2009-09-26 10:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-17 11:41 . 2009-10-17 11:39 -------- d-----w- c:\documents and settings\1\Application Data\U3
2009-10-15 18:08 . 2009-10-15 18:08 -------- d-----w- c:\documents and settings\1\Application Data\Logitech
2009-10-15 18:08 . 2009-10-15 18:08 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-10-15 18:08 . 2009-10-15 18:08 -------- d-----w- c:\program files\Fichiers communs\LogiShared
2009-10-15 18:06 . 2009-10-15 18:06 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-10-15 18:06 . 2009-10-15 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-15 18:06 . 2009-10-15 18:05 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-10-15 18:05 . 2009-10-15 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-10-15 18:05 . 2009-10-15 18:05 10134 ----a-r- c:\documents and settings\1\Application Data\Microsoft\Installer\{56918C0C-0D87-4CA6-92BF-4975A43AC719}\ARPPRODUCTICON.exe
2009-10-15 18:04 . 2009-10-15 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-10-15 17:02 . 2009-10-15 17:02 119808 ----a-w- c:\windows\lsb_un20.exe
2009-10-15 17:02 . 2009-10-15 17:02 -------- d-----w- c:\program files\Tunatic
2009-10-15 16:47 . 2009-10-15 16:20 -------- d-----w- c:\program files\UDPixel
2009-10-14 16:56 . 2009-09-26 15:53 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 16:56 . 2009-09-26 15:53 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-11 03:17 . 2009-10-27 23:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-09 16:33 . 2009-10-09 16:33 -------- d-----w- c:\program files\Samsung
2009-10-07 16:25 . 2009-10-07 16:25 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----r- c:\program files\Skype
2009-10-07 16:24 . 2009-10-07 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-05 22:11 . 2009-10-05 22:11 -------- d--h--r- c:\documents and settings\1\Application Data\SecuROM
2009-09-30 20:42 . 2009-09-30 20:42 -------- d-----w- c:\program files\VideoLAN
2009-09-29 17:34 . 2009-08-27 14:55 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-26 10:07 . 2009-09-26 10:07 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-09-26 10:07 . 2009-09-26 10:07 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-09-26 10:07 . 2009-09-26 10:07 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-09-26 10:07 . 2009-09-26 10:07 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-09-26 10:07 . 2009-09-26 10:07 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-09-26 10:07 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-09-26 10:07 . 2009-09-26 10:07 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-09-26 10:07 . 2009-09-26 10:07 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-09-26 10:07 . 2009-09-26 10:07 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-09-26 10:06 . 2009-09-26 10:06 296976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-09-26 10:06 . 2009-09-26 10:06 128016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-09-26 09:55 . 2009-09-26 09:55 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-09-12 23:31 . 2009-10-24 18:25 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-12 23:31 . 2009-10-24 18:25 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-12 23:31 . 2009-10-24 18:25 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-12 23:31 . 2009-08-27 15:20 485992 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-12 23:31 . 2009-03-17 16:09 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-12 23:31 . 2009-03-17 16:09 7653184 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-12 23:31 . 2009-03-17 16:09 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-12 23:31 . 2009-03-17 16:09 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-12 23:31 . 2009-03-17 16:09 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-12 23:31 . 2009-03-17 16:09 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-09-12 23:31 . 2009-03-17 16:09 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-12 17:11 . 2009-09-12 17:11 2505320 ----a-w- c:\windows\system32\nvcpluir.dll
2009-09-12 17:11 . 2009-09-12 17:11 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-11 14:18 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-09 12:21 . 2009-08-27 15:19 485992 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-04 21:04 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 15:44 . 2009-10-07 16:53 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44 . 2009-10-07 16:53 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:44 . 2009-10-07 16:53 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:29 . 2009-10-07 16:53 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29 . 2009-10-07 16:53 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2004-10-01 13:00 . 2009-08-27 15:31 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-11-28_18.09.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-29 09:47 . 2009-11-29 09:47 16384 c:\windows\Temp\Perflib_Perfdata_140.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-27 1217808]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo RX700 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9IE.EXE" [2004-11-10 98304]
"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2008-10-21 4040192]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-14 1040384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-12 13918208]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-10-15 692224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^1^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=c:\documents and settings\1\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^1^Menu Démarrer^Programmes^Démarrage^LimeWire On Startup.lnk]
path=c:\documents and settings\1\Menu Démarrer\Programmes\Démarrage\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"Adobe LM Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"c:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"c:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 19:41 33808]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [23/06/2008 23:21 150568]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [19/07/2009 22:55 4446752]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 16:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 19:59 19472]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/11/2009 19:32 691696]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [27/08/2009 16:16 86016]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp --> c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp [?]
.
Contenu du dossier 'Tâches planifiées'

2009-11-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003Core.job
- c:\documents and settings\1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-26 09:58]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1482476501-1801674531-1003UA.job
- c:\documents and settings\1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-26 09:58]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 10:56
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\1\LOCALS~1\Temp\APY130F.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1957994488-1482476501-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:c3,4a,6d,01,95,c0,96,3b,4b,18,0c,bb,4b,0b,35,f6,1c,ae,76,15,b5,
b1,a5,8e,0e,14,59,36,d3,fe,4e,11,00,22,7d,6a,e2,7f,b1,bb,b3,f9,89,aa,bc,58,\
"rkeysecu"=hex:4b,23,69,1d,9e,b1,65,71,ff,ae,4b,6d,49,5c,e0,0a
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2964)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-11-29 10:57
ComboFix-quarantined-files.txt 2009-11-29 09:57
ComboFix2.txt 2009-11-28 18:12

Avant-CF: 956 584 726 528 octets libres
Après-CF: 956 550 672 384 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

- - End Of File - - 964088B37F1FA1F157A7EB885AD37EFE
0
Ret
 
PS: 1.exe seems to have disappeared
0
Narco!4 Posts 2446 Status Contributor 467
 
Run genproc again
0