The PC freezes

jeje -  
Hello, my PC freezes and then starts up again. Is there anything that can be done? Thanks
20 minutes to write this message

3 replies

Narco!4 Posts 2446 Status Contributor 467
 
Hello,

download GenProc http://www.genproc.com/GenProc.exe

double-click GenProc.exe and post the contents of the report that opens
jeje
 
What should I do now? Thanks

Rapport GenProc 2.655 [1] - 03/12/2009 à 13:30:11
@ Windows VISTA Service Pack 1 - HP-Pavilion - Mode normal
@ Internet Explorer 7.0.6001.18000 [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-03 13:30:35
Windows 6.0.6001 Service Pack 1

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0011f60abf5c]
"001b33f60fe7"=hex:ca,66,c4,65,bc,c6,76,5d,f9,b0,e1,dd,4e,05,cd,4e
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0011f60abf5c]
"001b33f60fe7"=hex:ca,66,c4,65,bc,c6,76,5d,f9,b0,e1,dd,4e,05,cd,4e

scanning hidden registry entries ...

scan completed successfully
hidden services: 0

Rapport de ZHPDiag v1.24.35 par Nicolas Coolman
Run by Hp at 03/12/2009 13:33:31
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows Vista (TM) Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000

Boot mode: Normal (Normal boot)
Total RAM: 1014 MB (27% free)
System drive C: has 16 GB (31%) free of 50 GB

---\\
C:\Program Files\Windows Defender\MSASCui.exe
c:\hp\support\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Windows\system32\igfxtray.exe
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Windows\SMINST\launcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lsass.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe

---\\
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe

---\\
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

---\\
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost

---\\
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll

---\\
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

---\\
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - Global Startup: LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Outil de notification Live Search.lnk - C:\Users\Hp\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

---\\
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

---\\
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201

---\\
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File - C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

---\\
O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll

---\\
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll

---\\
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\
O23 - Service: Ad-Aware 2007 Service (aawservice) - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding

---\\
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job

---\\
O41 - Driver: Ancilliary Function Driver for Winsock (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de la classe Clavier (kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NETBT (netbt) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: NSI proxy service (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Redirected Buffering Sub Sysytem (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: RDPCDD (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: RDP Encoder Mirror Driver (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys

---\\
O42 - Logiciel: 7-Zip 4.42
O42 - Logiciel: Ad-Aware 2007
O42 - Logiciel: Ad-Remover By C_XX
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 7.0.8 - Français
O42 - Logiciel: Adobe Shockwave Player
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: AviSynth 2.5
O42 - Logiciel: Bonjour
O42 - Logiciel: DIZZY
O42 - Logiciel: EA Download Manager
O42 - Logiciel: Easy Gif Animator Extension
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar)
O42 - Logiciel: Fast Browser Search (My Web Tattoo)
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: HP Customer Experience Enhancements
O42 - Logiciel: HP Easy Setup - Core
O42 - Logiciel: HP Easy Setup - Frontend
O42 - Logiciel: HP Picasso Media Center Add-In
O42 - Logiciel: HP Update
O42 - Logiciel: Inkscape 0.45.1
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: Intel(R) Matrix Storage Manager
O42 - Logiciel: Intel(R) Network Connections Drivers
O42 - Logiciel: Java(TM) 6 Update 12
O42 - Logiciel: Java(TM) 6 Update 2
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: K-Lite Codec Pack 3.9.0 Standard
O42 - Logiciel: Les Sims™ 3
O42 - Logiciel: LimeWire 5.3.6
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Menus intelligents (Windows Live Toolbar)
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft WSE 3.0 Runtime
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Nero 8
O42 - Logiciel: OcxSetup
O42 - Logiciel: OpenOffice.org 2.3
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Outils de diagnostic du matériel
O42 - Logiciel: Python 2.4.3
O42 - Logiciel: QuickTime
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Roxio Creator Audio
O42 - Logiciel: Roxio Creator Basic v9
O42 - Logiciel: Roxio Creator Copy
O42 - Logiciel: Roxio Creator Data
O42 - Logiciel: Roxio Creator EasyArchive
O42 - Logiciel: Roxio Creator Tools
O42 - Logiciel: Roxio Express Labeler 3
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Solution de clavier multimédia amélioré
O42 - Logiciel: Surligneur (Windows Live Toolbar)
O42 - Logiciel: VCRedistSetup
O42 - Logiciel: VideoLAN VLC media player 0.8.6c
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Favorites pour Windows Live Toolbar
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Movie Maker
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: avast! Antivirus
O42 - Logiciel: iTunes
O42 - Logiciel: neroxml

---\\
O44 - LFC:Last File Created 02/12/2009 - 10:55:02 ---A- C:\Ad-Report-CLEAN[1].log
O44 - LFC:Last File Created 03/12/2009 - 11:11:03 -S-A- C:\Windows\bootstat.dat
O44 - LFC:Last File Created 03/12/2009 - 11:15:10 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:Last File Created 04/11/2009 - 16:35:51 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:Last File Created 04/11/2009 - 16:36:03 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 04/11/2009 - 16:36:03 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:Last File Created 04/11/2009 - 17:32:38 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:Last File Created 04/11/2009 - 17:32:39 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:Last File Created 06/11/2009 - 19:16:05 ---A- C:\Windows\DirectX.log
O44 - LFC:Last File Created 08/11/2009 - 22:12:42 ---A- C:\Windows\DUMP29cd.tmp
O44 - LFC:Last File Created 12/11/2009 - 14:06:23 ---A- C:\Windows\WININIT.INI
O44 - LFC:Last File Created 12/11/2009 - 14:08:18 ---A- C:\Windows\System32\Installer.log
O44 - LFC:Last File Created 15/11/2009 - 19:56:41 ---A- C:\Windows\ntbtlog.txt
O44 - LFC:Last File Created 24/11/2009 - 11:16:14 ---A- C:\Windows\PFRO.log
O44 - LFC:Last File Created 24/11/2009 - 11:35:02 ---A- C:\updatedatfix.log
O44 - LFC:Last File Created 26/11/2009 - 10:46:57 ---A- C:\Windows\setupact.log
O44 - LFC:Last File Created 26/11/2009 - 10:46:57 ---A- C:\Windows\setuperr.log
O44 - LFC:Last File Created 30/11/2009 - 12:36:33 ---A- C:\Ad-Report-SCAN[1].log
O44 - LFC:Last File Created 30/11/2009 - 16:38:56 ---A- C:\Ad-Report-SCAN[2].log

---\\
O51 - MPSK:{53a3871d-18f9-11dd-b36f-806e6f6e6963}\Shell\AutoRun\command - G:\Autorun.exe

---\\
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: GenProc

End of the scan: 303 lines

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 13:34:07 ~~
Narco!4 Posts 2446 Status Contributor 467
 
- Download ComboFix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop
- Double-click combofix.exe and follow the instructions.
- Install the Recovery Console if offered and continue.
- When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
jeje
 
ComboFix 09-12-06.A1 - Hp 07/12/2009 11:30.1.1 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1015.402 [GMT 1:00]
Lancé depuis: c:\users\Hp\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1169 [VPS 091206-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1169 [VPS 091206-1] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2008502711-283026248-2233356386-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\users\Hp\GenProc.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-07 au 2009-12-07 ))))))))))))))))))))))))))))))))))))
.

2009-12-07 10:46 . 2009-12-07 10:51 4096 d-----w- c:\users\Hp\AppData\Local\temp
2009-12-07 10:46 . 2009-12-07 10:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-03 14:10 . 2009-12-03 14:10 -------- d-----w- c:\program files\CCleaner
2009-12-03 12:30 . 2009-12-03 12:30 4096 dc----w- C:\GenProc
2009-11-30 10:54 . 2009-11-30 11:45 1305703 ----a-w- c:\users\Hp\AD-R.exe
2009-11-30 10:49 . 2009-12-02 09:55 -------- d-----w- c:\program files\Ad-Remover
2009-11-29 17:19 . 2009-11-29 17:19 -------- d-----w- c:\users\Hp\AppData\Local\Apps
2009-11-24 10:34 . 2009-11-25 12:32 4096 d-----w- c:\users\Hp\AppData\Roaming\HpUpdate
2009-11-24 10:34 . 2009-11-24 10:34 -------- d-----w- c:\windows\Hewlett-Packard
2009-11-24 09:29 . 2009-11-24 09:29 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb32C4.tmp.exe
2009-11-13 05:11 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-11-13 05:11 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-11-13 05:11 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-13 05:11 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-11-13 05:11 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-11-13 05:11 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-13 05:11 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-11-13 05:11 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-13 05:11 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-07 10:51 . 2008-05-09 15:22 8192 d-----w- c:\users\Hp\AppData\Roaming\LimeWire
2009-12-07 10:51 . 2008-05-07 13:05 -------- d-----w- c:\users\Hp\AppData\Roaming\OpenOffice.org2
2009-12-07 10:47 . 2008-05-13 17:06 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-07 10:20 . 2009-05-07 19:32 4096 d-----w- c:\programdata\Google Updater
2009-12-03 10:19 . 2008-05-07 13:06 1 ----a-w- c:\users\Hp\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-12-02 09:41 . 2009-08-30 18:33 12288 ----a-w- c:\users\Public\mtwb.dat
2009-11-26 10:39 . 2006-12-05 08:13 -------- d-----w- c:\program files\HP
2009-11-23 17:40 . 2006-12-05 08:24 12288 d-----w- c:\program files\Common Files\Symantec Shared
2009-11-22 19:34 . 2008-06-02 17:39 -------- d-----w- c:\program files\Norton Security Scan
2009-11-15 18:51 . 2008-04-28 06:12 5892 ----a-w- c:\users\Hp\AppData\Local\d3d9caps.dat
2009-11-12 13:06 . 2006-12-05 08:07 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 13:06 . 2008-05-16 19:48 -------- d-----w- c:\program files\Logitech
2009-11-08 21:12 . 2008-04-28 05:56 198211180 ----a-w- c:\windows\DUMP29cd.tmp
2009-11-06 18:20 . 2009-11-06 18:20 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-06 18:20 . 2008-05-09 15:04 4096 d-----w- c:\program files\Windows Live
2009-11-06 18:19 . 2008-05-09 15:12 8192 d-----w- c:\program files\Windows Live Toolbar
2009-11-06 18:18 . 2009-11-06 18:18 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-11-06 18:11 . 2009-11-06 18:11 -------- d-----w- c:\program files\Microsoft
2009-11-06 18:10 . 2009-11-06 18:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-06 18:00 . 2009-11-06 17:59 1164624 ----a-w- c:\users\Hp\wlsetup-custom.exe
2009-11-06 13:21 . 2009-11-06 13:21 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-04 16:32 . 2006-12-05 16:48 654486 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-04 16:32 . 2006-12-05 16:48 118474 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 12:41 . 2008-05-10 14:54 4096 d-----w- c:\program files\MSN Games
2009-10-28 15:29 . 2009-08-16 17:20 8192 d-----w- c:\users\Hp\AppData\Roaming\Python-Eggs
2009-10-28 15:19 . 2008-05-09 15:22 28672 d-----w- c:\program files\LimeWire
2009-10-02 17:05 . 2008-12-11 11:51 688 ----a-w- c:\users\Hp\AppData\Roaming\wklnhst.dat
2009-10-02 08:37 . 2009-10-28 15:29 61952 ----a-w- c:\users\Hp\AppData\Roaming\Python-Eggs\elisa_plugin_ffmpeg-0.1.101-py2.5.egg-tmp\elisa\plugins\ffmpeg\gstreamer\libgstrmtpsrc.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 2153472]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 79224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-25 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-25 133656]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-10 148888]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-24 44136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 503808]
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]
Outil de notification Live Search.lnk - c:\users\Hp\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2008-7-22 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [06/05/2008 15:55 75856]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [06/05/2008 15:55 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [06/05/2008 15:55 50768]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/02/2008 08:17 493568]
S3 AVEOFilterDriver;AVEO Camera filter driver;c:\windows\System32\drivers\aveofilter.sys [15/04/2008 23:55 120448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local;localhost
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-Easy Gif Animator Extension - c:\windows\EasyGifAnimator_Toolbar_Uninstaller_4973.exe _?=c:\program files\Easy Gif Animator Extension



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-07 11:49
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3562070894-133776502-2678926322-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:11,dc,a7,ac,8e,1e,77,75,87,16,0a,74,58,2b,29,9f,01,5e,47,75,02,3f,d7,
43,7a,2a,a2,ae,f7,06,3c,40,02,bf,04,e3,6f,57,11,6d,dd,19,be,32,86,72,4c,3f,\
"??"=hex:32,20,11,00,1f,6d,30,d0,66,b4,45,10,6a,9f,e6,4e

[HKEY_USERS\S-1-5-21-3562070894-133776502-2678926322-1000\Software\SecuROM\License information*]
"datasecu"=hex:fa,94,10,7a,22,c7,a3,0b,4a,67,c9,9e,cf,7f,79,52,cc,18,91,92,79,
5d,3d,6e,07,53,64,08,41,36,e7,88,26,10,f7,c1,fa,db,42,95,34,d1,e3,e7,f2,92,\
"rkeysecu"=hex:c0,af,50,cf,20,f5,8b,38,d2,52,59,5e,f0,89,42,39

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3828)
c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\RtHDVCpl.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\users\Hp\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2009-12-07 12:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-07 11:01

Avant-CF: 15 781 888 000 octets libres
Après-CF: 15 483 674 624 octets libres

- - End Of File - - 0B69B4B05C83B279052858C865370A4C