Hi,
thanks for your replies, but I still have this lag problem for 10 minutes at startup, and the Malwarebytes quarantine is still full...
thanks and see you soon
Hi m&s
To empty the Malwarebytes' Anti-Malware quarantine:
Double-click the Malwarebytes' Anti-Malware shortcut on your Desktop to launch it, then click "Quarantine", click "Delete", then close Malwarebytes' Anti-Malware.
Run another scan with RSIT and post the contents of the log.txt report once the scan has finished.
The report is in this folder: C:\rsit
See you :)
thanks, and sorry for the wait, but it was impossible for me to post the report:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Gregory at 2010-04-06 21:30:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (10%) free of 78 GB
Total RAM: 2047 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:22, on 06/04/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Gregory\Bureau\Virus\RSIT.exe
C:\Program Files\trend micro\Gregory.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - https://about.proquest.com/products-services/ebooks/ebooks-main.html
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Service Google Update (gupdate1c9e30da6ef7c04) (gupdate1c9e30da6ef7c04) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Hi m&s
Download combofix.exe (by sUBs) to your desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
Important: disable your antivirus, antispyware and firewall before scanning with Combofix:
https://forum.pcastuces.com/default.asp
https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/
==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==
Double-click combofix.exe, click YES and confirm with Enter.
When the scan is complete, a report will appear. Copy/paste this report into your next reply.
NOTE: The report can also be found here: C:\Combofix.txt
Combofix is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure.
See you :)
thank you, thank you, here is the new report:
ComboFix 10-04-12.01 - Gregory 12/04/2010 19:56:26.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2047.1663 [GMT 2:00]
Lancé depuis: c:\documents and settings\Gregory\Bureau\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-03-12 au 2010-04-12 ))))))))))))))))))))))))))))))))))))
.
2010-03-22 00:22 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-22 00:22 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-22 00:21 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-22 00:21 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-22 00:21 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-22 00:21 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-22 00:21 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-22 00:21 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-22 00:21 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-18 17:22 . 2010-03-18 17:22 -------- d-----w- c:\program files\ESET
2010-03-15 23:54 . 2010-03-15 23:55 -------- d-----w- C:\Kill'em
2010-03-15 13:03 . 2010-03-16 00:02 -------- d-----w- c:\program files\List_Kill'em
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 17:38 . 2009-06-05 11:23 -------- d-----w- c:\program files\Mozilla Firefox 3.5 Beta 4
2010-04-11 20:05 . 2008-11-08 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-04-06 21:09 . 2008-06-16 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-06 19:30 . 2010-03-11 23:29 -------- d-----w- c:\program files\trend micro
2010-03-28 11:41 . 2001-09-28 10:00 64492 ----a-w- c:\windows\system32\perfc00C.dat
2010-03-28 11:41 . 2001-09-28 10:00 447772 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-11 23:34 . 2010-02-15 16:32 -------- d-----w- c:\program files\Codemasters
2010-03-11 23:33 . 2007-02-07 12:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-11 23:33 . 2008-08-20 15:46 -------- d-----w- c:\program files\Ubisoft
2010-03-11 12:34 . 2004-08-19 14:09 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:34 . 2004-08-19 14:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:34 . 2004-08-19 14:09 17408 ----a-w- c:\windows\system32\corpol.dll
2010-02-25 15:10 . 2010-02-25 15:10 -------- d-----w- c:\program files\MSECache
2010-02-25 14:47 . 2010-02-25 14:47 -------- d-----w- c:\program files\Microsoft Games
2010-02-23 07:53 . 2010-01-23 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-23 07:47 . 2008-09-03 16:06 -------- d-----w- c:\program files\Java
2010-02-23 07:46 . 2010-02-23 07:46 152576 ----a-w- c:\documents and settings\Gregory\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-23 07:46 . 2009-12-23 10:52 79488 ----a-w- c:\documents and settings\Gregory\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-15 16:34 . 2010-02-15 16:34 -------- d-----w- c:\program files\Fichiers communs\DirectX
2010-02-15 14:11 . 2010-02-15 14:11 -------- d-----w- c:\documents and settings\Gregory\Application Data\Leadertech
2010-02-15 14:00 . 2009-10-18 17:19 -------- d-----w- c:\program files\Capcom
2010-02-15 13:54 . 2009-10-18 17:28 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-12 10:03 . 2010-03-10 17:53 293376 ------w- c:\windows\system32\browserchoice.exe
2010-01-24 20:58 . 2009-06-05 11:11 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-22 13:47 . 2010-01-22 13:47 152576 ----a-w- c:\documents and settings\Gregory\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-03-12_12.37.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-12 17:55 . 2010-04-12 17:55 16384 c:\windows\Temp\Perflib_Perfdata_170.dat
- 2009-11-29 22:55 . 2008-07-08 13:03 18296 c:\windows\system32\spmsg.dll
+ 2009-11-29 22:55 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 44544 c:\windows\system32\pngfilt.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 44544 c:\windows\system32\pngfilt.dll
- 2001-09-28 10:00 . 2009-12-25 16:43 53608 c:\windows\system32\perfc009.dat
+ 2001-09-28 10:00 . 2010-03-28 11:41 53608 c:\windows\system32\perfc009.dat
- 2006-11-07 20:03 . 2010-01-05 09:56 52224 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 20:03 . 2010-03-11 12:34 52224 c:\windows\system32\msfeedsbs.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 27648 c:\windows\system32\jsproxy.dll
+ 2006-11-07 02:26 . 2010-03-10 13:19 13824 c:\windows\system32\ieudinit.exe
- 2006-11-07 02:26 . 2009-12-31 15:33 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-19 14:09 . 2010-03-11 12:34 44544 c:\windows\system32\iernonce.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 44544 c:\windows\system32\iernonce.dll
- 2004-08-19 14:09 . 2009-12-31 15:33 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-19 14:09 . 2010-03-10 13:19 70656 c:\windows\system32\ie4uinit.exe
+ 2006-10-17 10:58 . 2010-03-11 12:34 63488 c:\windows\system32\icardie.dll
- 2006-10-17 10:58 . 2010-01-05 09:56 63488 c:\windows\system32\icardie.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-05-09 13:56 . 2010-03-11 12:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-05-09 13:56 . 2010-01-05 09:56 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-05-09 13:56 . 2010-03-10 13:19 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2007-05-09 13:56 . 2009-12-31 15:33 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-19 14:09 . 2010-03-11 12:34 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-19 14:09 . 2010-03-10 13:19 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-19 14:09 . 2009-12-31 15:33 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-20 09:59 . 2010-01-05 09:56 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-08-20 09:59 . 2010-03-11 12:34 63488 c:\windows\system32\dllcache\icardie.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-03-18 17:25 . 2010-03-18 17:25 22528 c:\windows\Installer\17331b.msi
+ 2010-04-09 23:40 . 2010-01-05 09:56 44544 c:\windows\ie7updates\KB980182-IE7\pngfilt.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 52224 c:\windows\ie7updates\KB980182-IE7\msfeedsbs.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 27648 c:\windows\ie7updates\KB980182-IE7\jsproxy.dll
+ 2010-04-09 23:40 . 2009-12-31 15:33 13824 c:\windows\ie7updates\KB980182-IE7\ieudinit.exe
+ 2010-04-09 23:40 . 2010-01-05 09:56 44544 c:\windows\ie7updates\KB980182-IE7\iernonce.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 78336 c:\windows\ie7updates\KB980182-IE7\ieencode.dll
+ 2010-04-09 23:40 . 2009-12-31 15:33 70656 c:\windows\ie7updates\KB980182-IE7\ie4uinit.exe
+ 2010-04-09 23:40 . 2010-01-05 09:56 63488 c:\windows\ie7updates\KB980182-IE7\icardie.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 17408 c:\windows\ie7updates\KB980182-IE7\corpol.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 233472 c:\windows\system32\webcheck.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 233472 c:\windows\system32\webcheck.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 105984 c:\windows\system32\url.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 105984 c:\windows\system32\url.dll
+ 2001-09-28 10:00 . 2010-03-28 11:41 383254 c:\windows\system32\perfh009.dat
- 2001-09-28 10:00 . 2009-12-25 16:43 383254 c:\windows\system32\perfh009.dat
- 2004-08-19 14:09 . 2010-01-05 09:56 102912 c:\windows\system32\occache.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 102912 c:\windows\system32\occache.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 671232 c:\windows\system32\mstime.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 671232 c:\windows\system32\mstime.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 193024 c:\windows\system32\msrating.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 193024 c:\windows\system32\msrating.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 20:03 . 2010-01-05 09:56 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 20:03 . 2010-03-11 12:34 459264 c:\windows\system32\msfeeds.dll
+ 2006-10-17 10:57 . 2010-03-11 12:34 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 10:57 . 2010-01-05 09:56 268288 c:\windows\system32\iertutil.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 192512 c:\windows\system32\iepeers.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 192512 c:\windows\system32\iepeers.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 385024 c:\windows\system32\iedkcs32.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 385024 c:\windows\system32\iedkcs32.dll
- 2006-10-17 10:27 . 2010-01-05 09:56 380928 c:\windows\system32\ieapfltr.dll
+ 2006-10-17 10:27 . 2010-03-11 12:34 380928 c:\windows\system32\ieapfltr.dll
- 2001-09-28 10:00 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll
+ 2001-09-28 10:00 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 230400 c:\windows\system32\ieaksie.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 153088 c:\windows\system32\ieakeng.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 133120 c:\windows\system32\extmgr.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 133120 c:\windows\system32\extmgr.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 214528 c:\windows\system32\dxtrans.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 347136 c:\windows\system32\dxtmsft.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 832512 c:\windows\system32\dllcache\wininet.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 832512 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 233472 c:\windows\system32\dllcache\webcheck.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-05-09 13:56 . 2010-01-05 09:56 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-05-09 13:56 . 2010-03-11 12:34 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-02-07 12:04 . 2010-02-23 05:20 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-02-07 12:04 . 2009-12-18 13:05 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-05-09 13:56 . 2010-01-05 09:56 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 13:56 . 2010-03-11 12:34 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 192512 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 192512 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-05-09 13:56 . 2010-03-11 12:34 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2007-05-09 13:56 . 2010-01-05 09:56 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2001-09-28 10:00 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
- 2001-09-28 10:00 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 124928 c:\windows\system32\advpack.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 124928 c:\windows\system32\advpack.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 832512 c:\windows\ie7updates\KB980182-IE7\wininet.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 233472 c:\windows\ie7updates\KB980182-IE7\webcheck.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 105984 c:\windows\ie7updates\KB980182-IE7\url.dll
+ 2010-04-09 23:40 . 2009-05-26 11:40 406392 c:\windows\ie7updates\KB980182-IE7\spuninst\updspapi.dll
+ 2010-04-09 23:40 . 2009-05-26 11:40 234872 c:\windows\ie7updates\KB980182-IE7\spuninst\spuninst.exe
+ 2010-04-09 23:40 . 2010-01-05 09:56 102912 c:\windows\ie7updates\KB980182-IE7\occache.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 671232 c:\windows\ie7updates\KB980182-IE7\mstime.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 193024 c:\windows\ie7updates\KB980182-IE7\msrating.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 477696 c:\windows\ie7updates\KB980182-IE7\mshtmled.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 459264 c:\windows\ie7updates\KB980182-IE7\msfeeds.dll
+ 2010-04-09 23:40 . 2009-12-18 13:05 634648 c:\windows\ie7updates\KB980182-IE7\iexplore.exe
+ 2010-04-09 23:40 . 2010-01-05 09:56 268288 c:\windows\ie7updates\KB980182-IE7\iertutil.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 192512 c:\windows\ie7updates\KB980182-IE7\iepeers.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 385024 c:\windows\ie7updates\KB980182-IE7\iedkcs32.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 380928 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dll
+ 2010-04-09 23:40 . 2009-12-18 13:04 161792 c:\windows\ie7updates\KB980182-IE7\ieakui.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 230400 c:\windows\ie7updates\KB980182-IE7\ieaksie.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 153088 c:\windows\ie7updates\KB980182-IE7\ieakeng.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 133120 c:\windows\ie7updates\KB980182-IE7\extmgr.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 214528 c:\windows\ie7updates\KB980182-IE7\dxtrans.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 347136 c:\windows\ie7updates\KB980182-IE7\dxtmsft.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 124928 c:\windows\ie7updates\KB980182-IE7\advpack.dll
+ 2005-03-01 13:08 . 2009-01-05 14:44 741376 c:\windows\BDOSCAN8\ipsupd.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 1168384 c:\windows\system32\urlmon.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 3599872 c:\windows\system32\mshtml.dll
+ 2006-11-07 20:03 . 2010-03-11 12:34 6067200 c:\windows\system32\ieframe.dll
- 2006-11-07 20:03 . 2010-01-05 09:56 6067200 c:\windows\system32\ieframe.dll
- 2004-08-19 14:09 . 2010-01-05 09:56 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-19 14:09 . 2010-03-11 12:34 3599872 c:\windows\system32\dllcache\mshtml.dll
- 2007-05-09 13:56 . 2010-01-05 09:56 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2007-05-09 13:56 . 2010-03-11 12:34 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 1168384 c:\windows\ie7updates\KB980182-IE7\urlmon.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 3599360 c:\windows\ie7updates\KB980182-IE7\mshtml.dll
+ 2010-04-09 23:40 . 2010-01-05 09:56 6067200 c:\windows\ie7updates\KB980182-IE7\ieframe.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-08 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-06-02 385024]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2003-04-07 631364]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 110592]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"TomTomHOME.exe"="c:\program files\TomTom HOME\TomTomHOME.exe" [2006-12-12 3577512]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2007-2-7 987136]
BTTray.lnk - c:\program files\Sitecom\Logiciel Bluetooth\BTTray.exe [2004-10-1 565309]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Gregory^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\Gregory\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-08-03 10:51 202024 ----a-w- c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2003-11-19 15:48 32881 ----a-w- c:\program files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-11-08 14:23 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Documents and Settings\\Gregory\\Bureau\\freezer.exe"=
"e:\\Mes documents\\Téléchargements\\freezer v1.4\\freezer.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\adslTV\\vlc.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/03/2010 02:22 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/03/2010 02:22 19024]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [07/02/2007 15:21 176128]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06/10/2007 10:24 685816]
S2 gupdate1c9e30da6ef7c04;Service Google Update (gupdate1c9e30da6ef7c04);c:\program files\Google\Update\GoogleUpdate.exe [02/06/2009 01:06 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
2010-04-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-08 18:32]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 23:06]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 23:06]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer à &Bluetooth - c:\program files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Gregory\Application Data\Mozilla\Firefox\Profiles\ecyj72sj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-12 19:59
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-329068152-1801674531-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d8,f2,fe,25,01,e6,91,3b,11,0c,83,f2,a8,c7,f9,24,ca,c4,f6,50,aa,1a,f5,
25,69,bc,48,87,9a,05,e6,47,b5,b4,c7,36,9b,59,68,cb,21,92,25,d5,1e,e0,6d,3d,\
"??"=hex:f5,c6,26,42,29,ed,a6,20,b0,3b,5a,6a,e3,af,14,36
[HKEY_USERS\S-1-5-21-329068152-1801674531-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:66,e6,8a,bb,cb,fb,06,2a,ef,26,03,e9,43,6c,23,d5,b5,c6,77,48,15,
e7,4b,1e,5b,8c,4b,e7,d7,38,2a,07,f9,24,1c,bf,3f,df,60,c4,19,b5,7a,56,d1,e6,\
"rkeysecu"=hex:86,a0,d1,f4,d7,00,fd,c9,88,90,99,4c,3d,fd,f2,a6
.
Heure de fin: 2010-04-12 20:00:47
ComboFix-quarantined-files.txt 2010-04-12 18:00
ComboFix2.txt 2010-03-12 12:39
Avant-CF: 7 933 620 224 octets libres
Après-CF: 7 898 312 704 octets libres
- - End Of File - - 50D38883622D1088B50393A48D5BA2CC
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-08 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-06-02 385024]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2003-04-07 631364]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 19968]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 110592]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"TomTomHOME.exe"="c:\program files\TomTom HOME\TomTomHOME.exe" [2006-12-12 3577512]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2007-2-7 987136]
BTTray.lnk - c:\program files\Sitecom\Logiciel Bluetooth\BTTray.exe [2004-10-1 565309]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Gregory^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\Gregory\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-08-03 10:51 202024 ----a-w- c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2003-11-19 15:48 32881 ----a-w- c:\program files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-11-08 14:23 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Documents and Settings\\Gregory\\Bureau\\freezer.exe"=
"e:\\Mes documents\\Téléchargements\\freezer v1.4\\freezer.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\adslTV\\vlc.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/03/2010 02:22 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/03/2010 02:22 19024]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [07/02/2007 15:21 176128]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06/10/2007 10:24 685816]
S2 gupdate1c9e30da6ef7c04;Service Google Update (gupdate1c9e30da6ef7c04);c:\program files\Google\Update\GoogleUpdate.exe [02/06/2009 01:06 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
2010-04-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-08 18:32]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 23:06]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 23:06]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer à &Bluetooth - c:\program files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Gregory\Application Data\Mozilla\Firefox\Profiles\ecyj72sj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-12 19:59
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-329068152-1801674531-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d8,f2,fe,25,01,e6,91,3b,11,0c,83,f2,a8,c7,f9,24,ca,c4,f6,50,aa,1a,f5,
25,69,bc,48,87,9a,05,e6,47,b5,b4,c7,36,9b,59,68,cb,21,92,25,d5,1e,e0,6d,3d,\
"??"=hex:f5,c6,26,42,29,ed,a6,20,b0,3b,5a,6a,e3,af,14,36
[HKEY_USERS\S-1-5-21-329068152-1801674531-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:66,e6,8a,bb,cb,fb,06,2a,ef,26,03,e9,43,6c,23,d5,b5,c6,77,48,15,
e7,4b,1e,5b,8c,4b,e7,d7,38,2a,07,f9,24,1c,bf,3f,df,60,c4,19,b5,7a,56,d1,e6,\
"rkeysecu"=hex:86,a0,d1,f4,d7,00,fd,c9,88,90,99,4c,3d,fd,f2,a6
.
Heure de fin: 2010-04-12 20:00:47
ComboFix-quarantined-files.txt 2010-04-12 18:00
ComboFix2.txt 2010-03-12 12:39
Avant-CF: 7 933 620 224 octets libres
Après-CF: 7 898 312 704 octets libres
- - End Of File - - 50D38883622D1088B50393A48D5BA2CC
I don't know whether it's my connection or the traffic on the site, but I'm having a hard time posting the reports.
Have a good evening.
See you.