Mon pc tourne au ralenti suite à des virus

diams39 Messages postés 25 Statut Membre -  
 archet9 -
Bonjour,

j'ai chopé plein de virus, qui ralentissent trop le pc.
Je veux éxécuter Hi Jack This mais j'ai vu qu'il ne fallait pas l'utiliser à la légère.
Quelqu'un peut m'aider à s'en servir, car je souhaite savoir si je peux remédier aux problèmes rencontrés sur le pc.

Merci par avance

9 réponses

  1. archet9
     
    Salut,

    Plusieurs soucis....

    * Télécharge USBFIX sur ton bureau (Merci à El Desaparecido/C_XX)

    https://www.ionos.fr/?affiliate_id=77097

    /!\ Désactive provisoirement et seulement le temps de l'utilisation d'USBFIX, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    - Double-clique sur l'icône Usbfix située sur ton Bureau.
    - Sur la page, clique sur le bouton :

    suppression

    /!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir

    - puis clique sur OK
    - Laisse travailler l'outil.
    - Poste le rapport qui apparaît à la fin.
    le rapport se trouve sur C:\ UsbFix.txt

    ---------------------------------------------

    * Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
    http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

    Miroir:

    https://www.androidworld.fr/

    /!\ Ferme toutes applications en cours /!\

    /!\ Désactive provisoirement et seulement le temps de l'utilisation de AD-Remover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    - Double-clique sur l'icône Ad-remover située sur ton Bureau.
    - Sur la page, clique sur le bouton « Nettoyer »
    - Confirme lancement du scan
    - Laisse travailler l'outil.
    - Poste le rapport qui apparaît à la fin.

    (Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

    ------------------------------------------------

    Fais un scan avec cet antispyware :
    Malwarebytes + tutoriel

    Tu l'installes; mets le a jour...(onglet mise a jour)
    Click maintenant sur l'onglet recherche et coche la case :
    "Executer un examen rapide".
    Puis click sur "rechercher".
    Laisses le scanner le pc...
    A la fin du scan, clique sur Afficher les résultats
    Si des elements on ete trouvés :
    > click sur supprimer la selection.
    si il t'es demandé de redemarrer > click sur "oui".
    A la fin un rapport va s'ouvrir;
    sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
    Copies et colles le rapport stp.

    1
    1. diams39 Messages postés 25 Statut Membre
       
      Merci pour la procédure.
      Désolé si je mets du temps, mais je suis obligée de faire en fonction de la lenteur du pc.

      Voici le rapport de USB fix :

      Mis à jour le 29/07/10 par El Desaparecido / C_XX
      Lancé à 21:54:20 | 03/07/2010
      Site Web: http://pagesperso-orange.fr/NosTools/index.html
      Contact: FindyKill.Contact@gmail.com

      CPU: Intel(R) Pentium(R) 4 CPU 3.06GHz
      CPU 2: Intel(R) Pentium(R) 4 CPU 3.06GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 6.0.2900.5512

      Pare-feu Windows: Activé
      Antivirus: F-Secure Anti-Virus Client Security 6.01 6.01 [(!) Disabled | Updated]
      Firewall: F-Secure Anti-Virus Client Security 6.01 6.01 [Enabled]
      RAM -> 767 Mo
      C:\ (%systemdrive%) -> Disque fixe # 233 Go (195 Go libre(s) - 84%) [ACER] # NTFS
      D:\ -> CD-ROM

      ################## | Éléments infectieux |

      Supprimé! C:\Autorun.inf

      ################## | Registre |


      ################## | Mountpoints2 |

      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\I
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{10c466b6-f6ff-11de-9e52-001921507ee2}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{1e319e72-f605-11de-9e50-001921507ee2}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{42ba5c0e-dd29-11db-95be-806d6172696f}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8e38eae4-84f1-11dd-9ada-001921507ee2}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ae460ccc-dd2c-11db-95c0-001921507ee2}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b8e966a6-bb25-11de-9de4-001921507ee2}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{d775ab5c-c9a3-11dc-95ed-001921507ee2}

      ################## | Listing |

      [12/01/2008 - 01:17:35 | D ] C:\404b5454260ec2a07f
      [08/11/2009 - 01:49:25 | D ] C:\8d709468d608080d7fc11d016b71
      [28/03/2007 - 14:52:54 | D ] C:\Acer
      [08/09/2006 - 13:30:24 | A | 50] C:\AUTOEXEC.BAT
      [28/03/2007 - 14:42:54 | RASH | 209] C:\boot.ini
      [10/08/2004 - 22:00:00 | RASH | 4952] C:\Bootfont.bin
      [28/03/2007 - 22:53:01 | AD ] C:\CMPNENTS
      [16/07/2010 - 22:28:13 | SHD ] C:\Config.Msi
      [08/09/2006 - 12:56:46 | A | 0] C:\CONFIG.SYS
      [15/12/2009 - 14:10:14 | A | 0] C:\conmgr.log
      [25/02/2008 - 20:39:04 | D ] C:\Documents and Settings
      [28/03/2007 - 22:58:40 | AD ] C:\dotnetfx
      [07/11/2009 - 14:41:29 | D ] C:\Downloads
      [28/03/2007 - 22:59:24 | D ] C:\drv
      [03/07/2010 - 18:24:12 | A | 184] C:\drwtsn32.log
      [28/03/2007 - 15:13:43 | ASH | 115343872] C:\eDS_PSD_drive.vmdf
      [28/03/2007 - 23:34:45 | AD ] C:\GUIDE
      [16/08/2006 - 00:00:52 | ASH | 804638720] C:\hiberfil.sys
      [28/03/2007 - 23:06:02 | AD ] C:\i386
      [08/09/2006 - 12:56:46 | RASH | 0] C:\IO.SYS
      [16/08/2006 - 01:02:09 | A | 6138] C:\lxcr.log
      [16/08/2006 - 01:01:27 | A | 214] C:\lxcrscan.log
      [16/07/2010 - 22:17:56 | RASH | 3758] C:\MS32DLL.DLL.0BS
      [08/09/2006 - 12:56:46 | RASH | 0] C:\MSDOS.SYS
      [10/08/2004 - 22:00:00 | RASH | 47564] C:\NTDETECT.COM
      [26/10/2008 - 21:02:51 | RASH | 252240] C:\ntldr
      [16/08/2006 - 00:00:48 | ASH | 1207959552] C:\pagefile.sys
      [08/09/2006 - 22:35:20 | RASH | 80] C:\Preload.aaa
      [16/07/2010 - 20:53:57 | RD ] C:\Program Files
      [03/07/2010 - 21:56:54 | SHD ] C:\RECYCLER
      [08/09/2006 - 13:14:04 | A | 499] C:\RHDSetup.log
      [16/04/2008 - 22:14:09 | AH | 268] C:\sqmdata00.sqm
      [16/08/2006 - 01:22:09 | AH | 268] C:\sqmdata01.sqm
      [13/11/2008 - 16:01:07 | AH | 268] C:\sqmdata02.sqm
      [16/08/2006 - 01:08:17 | AH | 268] C:\sqmdata03.sqm
      [16/08/2006 - 01:02:16 | AH | 232] C:\sqmdata04.sqm
      [04/04/2009 - 19:16:48 | AH | 268] C:\sqmdata05.sqm
      [16/04/2008 - 22:14:09 | AH | 244] C:\sqmnoopt00.sqm
      [16/08/2006 - 01:22:09 | AH | 244] C:\sqmnoopt01.sqm
      [13/11/2008 - 16:01:07 | AH | 244] C:\sqmnoopt02.sqm
      [16/08/2006 - 01:08:17 | AH | 244] C:\sqmnoopt03.sqm
      [16/08/2006 - 01:02:16 | AH | 244] C:\sqmnoopt04.sqm
      [04/04/2009 - 19:16:48 | AH | 244] C:\sqmnoopt05.sqm
      [28/03/2007 - 23:11:06 | D ] C:\SYSINFO
      [28/03/2007 - 14:42:57 | SHD ] C:\System Volume Information
      [09/08/2008 - 19:10:19 | D ] C:\Team17
      [03/07/2010 - 21:56:54 | D ] C:\UsbFix
      [03/07/2010 - 21:56:54 | A | 4024] C:\UsbFix.txt
      [28/03/2007 - 23:11:12 | AD ] C:\VALUEADD
      [03/07/2010 - 20:04:44 | AD ] C:\WINDOWS

      ################## | Vaccin |

      C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

      Je procède à Ad remover et fait suivre le rapport....
      0
  2. diams39 Messages postés 25 Statut Membre
     
    Je vous poste le rapport hi jack this pour voir les éventuels problèmes :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:47:33, on 03/07/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
    C:\Program Files\Lexmark 2400 Series\ezprint.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\WINDOWS\system32\UMonit.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\lxcrcoms.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Panama\Mes documents\Téléchargements\HiJackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2567681
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
    O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
    O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe
    O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    0
  3. archet9
     
    Vu...

    la suite....a+
    0
    1. diams39 Messages postés 25 Statut Membre
       
      Voici le rapport d'Ad remover :

      ======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

      Mis à jour par C_XX le 26/07/10 à 12:00
      Contact: AdRemover.contact[AT]gmail.com
      Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

      C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:02:03 le 03/07/2010, Mode normal

      Microsoft Windows XP Professionnel Service Pack 3 (X86)
      Panama@ACER-DC6C4D74B4 ( )

      ============== ACTION(S) ==============


      0,Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
      0,Fichier supprimé: C:\Documents and Settings\Panama\Application Data\Mozilla\FireFox\Profiles\2d8s6ltm.default\searchplugins\ask.xml
      0,Fichier supprimé: C:\DOCUME~1\Panama\LOCALS~1\Temp\AskInstallChecker.exe
      0,Dossier supprimé: C:\Program Files\AskSearch
      0,Dossier supprimé: C:\Documents and Settings\Panama\Local Settings\Application Data\Conduit
      0,Dossier supprimé: C:\Program Files\Conduit

      (!) -- Fichiers temporaires supprimés.


      -- Fichier ouvert: C:\Documents and Settings\Panama\Application Data\Mozilla\FireFox\Profiles\2d8s6ltm.default\Prefs.js --
      Ligne supprimée: user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
      Ligne supprimée: user_pref("CT2567681.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT256...
      Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://toolbar.ask.com/toolbarv/askRedir...
      Ligne supprimée: user_pref("browser.search.defaultthis.engineName", "Messenger Plus Live France Customized Web Search...
      Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&Sea...
      Ligne supprimée: user_pref("browser.search.selectedEngine", "Messenger Plus Live France Customized Web Search");
      Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2567681&SearchSource=13");
      Ligne supprimée: user_pref("extensions.snipit.askTbInstalled", true);
      Ligne supprimée: user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&...
      Ligne supprimée: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
      -- Fichier Fermé --


      0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2567681
      0,Clé supprimée: HKLM\Software\Conduit
      0,Clé supprimée: HKCU\Software\Conduit
      3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

      0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{C94E154B-1459-4A47-966B-4B843BEFC7DB}


      ============== SCAN ADDITIONNEL ==============

      ** Mozilla Firefox Version [3.6.4 (fr)] **

      -- C:\Documents and Settings\Panama\Application Data\Mozilla\FireFox\Profiles\2d8s6ltm.default\Prefs.js --
      browser.download.lastDir, E:\\DCIM\\100NIKON
      browser.search.defaultenginename, Ask
      browser.startup.homepage_override.mstone, rv:1.9.2.4

      ========================================

      ** Internet Explorer Version [6.0.2900.5512] **

      [HKCU\Software\Microsoft\Internet Explorer\Main]
      Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Do404Search: 0x01000000
      Enable Browser Extensions: yes
      Local Page: C:\WINDOWS\system32\blank.htm
      Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
      Show_ToolBar: yes
      Start Page: hxxp://fr.msn.com/
      Use Search Asst: no

      [HKLM\Software\Microsoft\Internet Explorer\Main]
      Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Delete_Temp_Files_On_Exit: yes
      Local Page: C:\WINDOWS\system32\blank.htm
      Search bar: hxxp://search.msn.com/spbasic.htm
      Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Start Page: hxxp://fr.msn.com/

      [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
      Tabs: res://ieframe.dll/tabswelcome.htm
      Blank: res://mshtml.dll/blank.htm

      ========================================

      C:\Program Files\Ad-Remover\Quarantine: 8 Fichier(s)
      C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

      C:\Ad-Report-CLEAN[1].txt - 03/07/2010 (4366 Octet(s))

      Fin à: 22:08:05, 03/07/2010

      ============== E.O.F ==============
      0
  4. archet9
     
    okay....
    0
    1. diams39 Messages postés 25 Statut Membre
       
      J'ai pas eu le temps de sauvegarder le rapport de Malwarebytes, de façon à ce que je le retrouve.
      Y'a t-il un moyen de le retrouver ou pas???
      0
    2. diams39 Messages postés 25 Statut Membre
       
      ca y est je l'ai retrouvé :

      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org

      Version de la base de données: 4371

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 6.0.2900.5512

      03/07/2010 23:06:14
      mbam-log-2010-07-03 (23-06-14).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 141300
      Temps écoulé: 6 minute(s), 45 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 1

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\Documents and Settings\All Users\Application Data\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully.
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. archet9
     
    Ok

    Comment va le pc?

    Relances hijack et colle le rapport stp.

    a+
    0
    1. diams39 Messages postés 25 Statut Membre
       
      Salut,

      Désolé mais pas de changement sur le pc, toujours au ralenti.
      Après avoir fait toutes les manip hier soir, mon antivirus a détecté un nouveau trojan que j'ai pu supprimer.

      Voici le nouveau rapport hi jack this :

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 00:45:44, on 16/08/2006
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\SysMonitor.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
      C:\Program Files\Lexmark 2400 Series\ezprint.exe
      C:\Program Files\F-Secure\Common\FSM32.EXE
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\WINDOWS\system32\UMonit.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\SuperCopier2\SuperCopier2.exe
      C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
      C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
      C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
      C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
      C:\Program Files\F-Secure\Common\FSMA32.EXE
      C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
      C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
      C:\Program Files\F-Secure\Common\FSMB32.EXE
      c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\F-Secure\Common\FCH32.EXE
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRserv.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      C:\Program Files\F-Secure\Common\FAMEH32.EXE
      C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
      C:\WINDOWS\ehome\mcrdsvc.exe
      C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
      C:\WINDOWS\system32\lxcrcoms.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\F-Secure\Common\FNRB32.EXE
      C:\Program Files\F-Secure\Common\FIH32.EXE
      C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
      C:\Program Files\F-Secure\FSGUI\fsguidll.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Mozilla Firefox\plugin-container.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Java\jre6\bin\javaw.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\Documents and Settings\Panama\Mes documents\Téléchargements\HiJackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
      O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
      O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMes1.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
      O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
      O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
      O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
      O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
      O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Acer Empowering Technology.lnk = ?
      O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
      O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.75\AMVConverter\grab.html
      O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.75\MediaManager\grab.html
      O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
      O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
      O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
      O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe
      O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
      O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      0
  7. archet9
     
    Mets Internet Explorer à jour:

    IE6 ==> IE8

    --------

    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe

    ---> Installe la console de récupération si l'outil te le propose.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    ........
    0
    1. diams39 Messages postés 25 Statut Membre
       
      ok je vais la manip.
      J'ai l'antivirus qui a détecté un nouveau trojan :

      Trojan:VBS/Agent.DJYH

      Est ce que je supprime direct ou pas??
      0
  8. archet9
     
    Oui, c'est sans doute lié a tes supports amovibles..
    0
    1. diams39 Messages postés 25 Statut Membre
       
      je n'arrive pas à envoyer le rapport du combofix ici, a chaque fois que je le valide, ca ne me prend rien en compte
      0
  9. diams39 Messages postés 25 Statut Membre
     
    Internet Explorer mis à jour

    Voici le rapport du combofix (1ere partie)

    ComboFix 10-07-30.04 - Panama 16/08/2006 2:58.1.2 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.767.440 [GMT 2:00]
    Lancé depuis: c:\documents and settings\Panama\Mes documents\Téléchargements\ComboFix.exe
    AV: F-Secure Anti-Virus Client Security 6.01 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
    FW: F-Secure Anti-Virus Client Security 6.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}
    .
    Les fichiers ci-dessous ont été désactivés pendant l'exécution:
    c:\program files\SuperCopier2\SC2Hook.dll

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\docume~1\Panama\LOCALS~1\Temp\IadHide5.dll
    c:\documents and settings\Panama\Local Settings\Temp\IadHide5.dll
    c:\windows\system\winspool.drv

    Une copie infectée de c:\windows\system32\msgsvc.dll a été trouvée et désinfectée
    Copie restaurée à partir de - c:\windows\ServicePackFiles\i386\msgsvc.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2006-07-16 au 2006-08-16 ))))))))))))))))))))))))))))))))))))
    .

    2010-07-16 18:53 . 2010-07-16 18:53 -------- d-----w- c:\program files\iPod
    2010-07-16 18:53 . 2010-07-16 18:55 -------- d-----w- c:\program files\iTunes
    2010-07-16 18:53 . 2010-07-16 18:55 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-07-16 18:44 . 2010-07-16 18:45 -------- d-----w- c:\program files\QuickTime
    2010-07-16 18:36 . 2010-07-16 18:36 -------- d-----w- c:\program files\Bonjour
    2010-07-16 18:30 . 2010-07-16 18:30 -------- d-----w- c:\program files\Safari
    2010-07-16 18:21 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2010-07-03 20:23 . 2010-07-03 20:23 -------- d-----w- c:\documents and settings\Panama\Application Data\Malwarebytes
    2010-07-03 20:23 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-07-03 20:23 . 2010-07-03 20:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-07-03 20:23 . 2010-07-03 20:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-07-03 20:23 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-07-03 20:02 . 2010-07-03 20:07 -------- d-----w- c:\program files\Ad-Remover
    2010-07-03 19:56 . 2010-07-03 19:56 2594 ----a-w- C:\UsbFix_Upload_Me_ACER-DC6C4D74B4.zip
    2010-07-03 19:53 . 2010-07-03 19:56 -------- d-----w- C:\UsbFix
    2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-05-18 14:35 . 2010-05-18 14:35 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2010-04-29 11:33 . 2010-07-03 19:57 -------- d-----w- c:\documents and settings\Panama\Local Settings\Application Data\Messenger_Plus_Live_France
    2010-04-29 11:33 . 2010-07-03 19:57 -------- d-----w- c:\program files\Messenger_Plus_Live_France
    2010-04-20 05:30 . 2010-04-20 05:30 285696 -c----w- c:\windows\system32\dllcache\atmfd.dll
    2010-03-30 22:16 . 2010-03-30 22:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-03-30 22:10 . 2010-03-30 22:10 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-03-10 04:41 . 2010-04-16 16:07 1025536 -c----w- c:\windows\system32\dllcache\browseui.dll
    2010-03-05 14:38 . 2010-03-05 14:38 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
    2010-02-26 05:42 . 2009-03-08 02:31 183808 -c--a-w- c:\windows\system32\dllcache\iepeers.dll
    2010-02-12 04:34 . 2010-02-12 04:34 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
    2010-01-13 16:46 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2010-01-13 14:01 . 2010-01-13 14:01 87040 -c----w- c:\windows\system32\dllcache\cabview.dll
    2010-01-01 20:21 . 2010-01-01 20:21 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
    2010-01-01 20:20 . 2010-01-01 20:20 -------- d-----w- c:\documents and settings\Panama\Local Settings\Application Data\TomTom
    2010-01-01 20:20 . 2010-01-01 20:20 -------- d-----w- c:\documents and settings\Panama\Application Data\TomTom
    2010-01-01 20:20 . 2010-01-01 20:20 -------- d-----w- c:\program files\TomTom International B.V
    2010-01-01 20:19 . 2010-01-01 20:19 -------- d-----w- c:\program files\TomTom HOME 2
    2009-12-24 07:00 . 2009-12-24 07:00 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
    2009-12-17 07:41 . 2009-12-17 07:41 347648 -c----w- c:\windows\system32\dllcache\mspaint.exe
    2009-12-14 07:09 . 2009-12-14 07:09 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
    2009-12-08 09:24 . 2009-12-08 09:24 474624 -c----w- c:\windows\system32\dllcache\shlwapi.dll
    2009-11-27 17:13 . 2009-11-27 17:13 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
    2009-11-27 16:08 . 2009-11-27 16:08 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
    2009-11-27 16:08 . 2009-11-27 16:08 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
    2009-11-07 23:49 . 2009-11-07 23:49 -------- d-----w- c:\windows\system32\XPSViewer
    2009-11-07 23:49 . 2009-11-07 23:49 -------- d-----w- c:\program files\MSBuild
    2009-11-07 23:49 . 2009-11-07 23:49 -------- d-----w- c:\program files\Reference Assemblies
    2009-11-07 23:49 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2009-11-07 23:48 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-11-07 23:48 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-11-07 23:48 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-11-07 23:48 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2009-11-07 23:48 . 2009-11-07 23:49 -------- d-----w- C:\8d709468d608080d7fc11d016b71
    2009-11-07 23:48 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-11-07 23:48 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-11-07 23:48 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-11-07 23:48 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-11-06 23:07 . 2009-11-06 23:07 49488 ----a-w- c:\windows\system32\netfxperf.dll
    2009-11-06 23:07 . 2009-11-06 23:07 297808 ----a-w- c:\windows\system32\mscoree.dll
    2009-11-06 23:06 . 2009-11-06 23:06 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2009-11-06 11:40 . 2006-08-16 01:08 -------- d-----w- c:\documents and settings\Panama\Tracing
    2009-11-06 11:37 . 2006-08-16 00:45 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-11-06 11:37 . 2009-08-05 21:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
    2009-11-06 11:32 . 2009-11-06 11:32 -------- d-----w- c:\program files\Microsoft Sync Framework
    2009-11-06 11:29 . 2009-11-06 11:29 -------- d-----w- c:\program files\Microsoft
    2009-11-06 11:29 . 2009-11-06 11:29 -------- d-----w- c:\program files\Windows Live SkyDrive
    2009-10-21 05:39 . 2009-10-21 05:39 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
    2009-10-21 05:39 . 2009-10-21 05:39 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
    2009-10-20 16:20 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
    2009-10-13 10:33 . 2009-10-13 10:33 271360 -c----w- c:\windows\system32\dllcache\oakley.dll
    2009-10-12 13:39 . 2009-10-12 13:39 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
    2009-10-12 13:39 . 2009-10-12 13:39 150528 -c----w- c:\windows\system32\dllcache\rastls.dll
    2009-09-21 17:01 . 2007-06-18 09:40 200704 ----a-w- c:\windows\system32\UMonit.exe
    2009-09-21 17:01 . 2007-05-09 12:34 176128 ----a-w- c:\windows\system32\ustor.dll
    2009-09-21 17:01 . 2007-03-21 17:03 139264 ----a-w- c:\windows\system32\GeneIcon.dll
    2009-09-21 17:01 . 2006-05-18 15:58 309760 ----a-w- c:\windows\system32\DIFxAPI.dll
    2009-09-21 16:53 . 2009-09-21 17:29 19572 ----a-w- c:\windows\system32\drivers\FNETDEVI.SYS
    2009-09-21 16:53 . 2009-09-21 17:29 -------- d-----w- c:\program files\FAT32 Format
    2009-09-10 14:45 . 2009-09-10 14:45 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
    2009-09-09 15:09 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2009-09-04 21:04 . 2009-09-04 21:04 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
    2009-08-13 10:10 . 2010-01-29 15:00 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
    2009-08-05 09:00 . 2009-08-05 09:00 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-26 15:44 . 2009-07-26 15:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
    2009-07-20 23:05 . 2009-07-20 23:05 1348432 ----a-w- c:\windows\system32\msxml4.dll
    2009-07-17 19:03 . 2009-07-17 19:03 58880 -c----w- c:\windows\system32\dllcache\atl.dll
    2009-07-17 16:16 . 2009-07-17 16:16 1440768 -c----w- c:\windows\system32\dllcache\query.dll
    2009-07-10 12:01 . 2009-07-10 12:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
    2009-06-25 08:26 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
    2009-06-25 08:26 . 2009-06-25 08:26 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
    2009-06-25 08:26 . 2009-06-25 08:26 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
    2009-06-24 11:18 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
    2009-06-18 15:30 . 2001-08-23 15:47 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2009-06-18 15:30 . 2008-04-14 01:33 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2009-06-17 10:38 . 2009-12-01 16:52 -------- d-----w- c:\documents and settings\Panama\Application Data\Apple Computer
    2009-06-17 10:37 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-06-17 10:37 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2009-06-17 10:37 . 2009-06-17 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-06-17 10:35 . 2009-06-17 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2009-06-17 10:35 . 2009-06-17 10:35 -------- d-----w- c:\documents and settings\Panama\Local Settings\Application Data\Apple
    2009-06-17 10:35 . 2009-06-17 10:35 -------- d-----w- c:\program files\Apple Software Update
    2009-06-17 10:35 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-06-17 10:35 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-06-17 10:34 . 2010-07-16 18:53 -------- d-----w- c:\program files\Fichiers communs\Apple
    2009-06-17 10:34 . 2009-06-17 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-06-17 10:33 . 2009-06-17 10:38 -------- d-----w- c:\documents and settings\Panama\Local Settings\Application Data\Apple Computer
    2009-06-16 14:40 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2009-06-16 14:40 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2009-06-15 10:44 . 2009-06-15 10:44 78848 -c----w- c:\windows\system32\dllcache\telnet.exe
    2009-06-15 10:44 . 2009-06-15 10:44 82944 -c----w- c:\windows\system32\dllcache\tlntsess.exe
    2009-06-10 14:14 . 2009-11-27 16:08 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll
    2009-06-10 06:15 . 2009-06-10 06:15 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
    2009-05-07 15:33 . 2009-05-07 15:33 348672 -c----w- c:\windows\system32\dllcache\localspl.dll
    2009-04-29 11:11 . 2009-11-07 12:41 -------- d-----w- C:\Downloads
    2009-04-29 11:09 . 2009-11-18 16:40 -------- d-----w- c:\program files\BitComet
    2009-04-15 14:53 . 2009-04-15 14:53 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2009-04-15 10:09 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2009-04-15 10:09 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
    2009-04-15 10:09 . 2009-02-09 11:23 111104 -c----w- c:\windows\system32\dllcache\services.exe
    2009-04-15 10:09 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2009-04-15 10:09 . 2009-06-25 08:26 736768 -c----w- c:\windows\system32\dllcache\lsasrv.dll
    2009-04-15 10:09 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2009-04-15 10:09 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2009-04-15 10:09 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2009-04-15 10:09 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2009-04-15 10:09 . 2009-08-25 09:18 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
    2009-04-15 10:08 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2009-03-21 14:07 . 2009-03-21 14:07 1054720 -c----w- c:\windows\system32\dllcache\kernel32.dll

    .
    0
    1. diams39 Messages postés 25 Statut Membre
       
      2 ème partie du rapport :

      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2010-07-16 18:32 . 2010-07-16 18:32 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
      2010-07-16 18:26 . 2010-07-16 18:26 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
      2010-07-03 16:19 . 2006-09-08 11:17 85744 ----a-w- c:\windows\system32\perfc00C.dat
      2010-07-03 16:19 . 2006-09-08 11:17 512206 ----a-w- c:\windows\system32\perfh00C.dat
      2010-06-14 14:31 . 2004-08-10 20:00 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
      2010-05-02 08:08 . 2005-10-06 03:08 1851392 ----a-w- c:\windows\system32\win32k.sys
      2010-04-20 05:30 . 2004-08-10 20:00 285696 ----a-w- c:\windows\system32\atmfd.dll
      2010-03-17 08:08 . 2010-04-29 11:33 101376 ----a-w- c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\RadioWMPCore.dll
      2010-03-17 08:08 . 2010-04-29 11:33 52224 ----a-w- c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\FFExternalAlert.dll
      2010-03-05 14:38 . 2004-08-10 20:00 65536 ----a-w- c:\windows\system32\asycfilt.dll
      2010-02-24 13:11 . 2005-01-19 04:26 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
      2010-02-16 19:06 . 2005-09-29 18:28 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
      2010-02-16 19:06 . 2005-09-29 18:28 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2010-02-12 10:03 . 2006-08-15 23:04 293376 ------w- c:\windows\system32\browserchoice.exe
      2010-02-12 04:34 . 2004-08-10 20:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
      2010-02-11 12:02 . 2004-08-10 20:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
      2010-02-05 18:26 . 2005-08-30 04:16 1297920 ----a-w- c:\windows\system32\quartz.dll
      2010-01-29 15:00 . 2006-03-17 09:11 691712 ----a-w- c:\windows\system32\inetcomm.dll
      2010-01-13 14:01 . 2004-08-10 20:00 87040 ----a-w- c:\windows\system32\cabview.dll
      2009-12-31 16:50 . 2005-05-10 00:17 353792 ----a-w- c:\windows\system32\drivers\srv.sys
      2009-12-24 07:00 . 2004-08-10 20:00 177664 ----a-w- c:\windows\system32\wintrust.dll
      2009-12-17 07:41 . 2004-08-10 20:00 347648 ----a-w- c:\windows\system32\mspaint.exe
      2009-12-14 07:09 . 2004-08-10 20:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
      2009-11-27 17:13 . 2004-08-10 20:00 17920 ----a-w- c:\windows\system32\msyuv.dll
      2009-11-27 16:08 . 2004-08-10 20:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
      2009-11-27 16:08 . 2004-08-10 20:00 85504 ----a-w- c:\windows\system32\avifil32.dll
      2009-11-27 16:08 . 2004-08-10 20:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
      2009-11-27 16:08 . 2004-08-10 20:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
      2009-11-27 16:08 . 2004-08-10 20:00 11264 ----a-w- c:\windows\system32\msrle32.dll
      2009-11-21 15:58 . 2004-08-10 20:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
      2009-10-21 05:39 . 2004-08-10 20:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
      2009-10-21 05:39 . 2004-08-10 20:00 25088 ----a-w- c:\windows\system32\httpapi.dll
      2009-10-20 16:20 . 2004-08-10 20:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
      2009-10-15 16:32 . 2005-10-17 21:21 81920 ----a-w- c:\windows\system32\fontsub.dll
      2009-10-15 16:32 . 2005-10-17 21:21 119808 ----a-w- c:\windows\system32\t2embed.dll
      2009-10-13 10:33 . 2004-08-10 20:00 271360 ----a-w- c:\windows\system32\oakley.dll
      2009-10-12 13:39 . 2004-08-10 20:00 79872 ----a-w- c:\windows\system32\raschap.dll
      2009-10-12 13:39 . 2004-08-10 20:00 150528 ----a-w- c:\windows\system32\rastls.dll
      2009-09-21 17:01 . 2006-09-08 11:31 -------- d--h--w- c:\program files\InstallShield Installation Information
      2009-09-11 14:18 . 2004-08-10 20:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
      2009-09-04 21:04 . 2004-08-10 20:00 58880 ----a-w- c:\windows\system32\msasn1.dll
      2009-08-26 08:01 . 2004-08-10 20:00 247326 ----a-w- c:\windows\system32\strmdll.dll
      2009-08-25 09:18 . 2004-08-10 20:00 354816 ----a-w- c:\windows\system32\winhttp.dll
      2009-08-06 17:24 . 2004-08-10 20:00 327896 ----a-w- c:\windows\system32\wucltui.dll
      2009-08-06 17:24 . 2004-08-10 20:00 209632 ----a-w- c:\windows\system32\wuweb.dll
      2009-08-06 17:24 . 2004-08-10 20:00 35552 ----a-w- c:\windows\system32\wups.dll
      2009-08-06 17:24 . 2004-08-10 20:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
      2009-08-06 17:24 . 2004-08-10 20:00 96480 ----a-w- c:\windows\system32\cdm.dll
      2009-08-06 17:23 . 2004-08-10 20:00 575704 ----a-w- c:\windows\system32\wuapi.dll
      2009-08-06 17:23 . 2004-08-10 20:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
      2009-08-05 09:00 . 2004-08-10 20:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
      2009-07-31 09:03 . 2008-10-25 09:53 1372672 ----a-w- c:\windows\system32\msxml6.dll
      2009-07-31 04:33 . 2004-08-10 20:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
      2009-07-17 19:03 . 2004-08-10 20:00 58880 ----a-w- c:\windows\system32\atl.dll
      2009-07-17 16:16 . 2004-08-10 20:00 1440768 ----a-w- c:\windows\system32\query.dll
      2009-07-13 21:43 . 2004-08-10 20:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
      2009-06-25 08:26 . 2004-10-28 01:24 736768 ----a-w- c:\windows\system32\lsasrv.dll
      2009-06-25 08:26 . 2004-08-10 20:00 56832 ----a-w- c:\windows\system32\secur32.dll
      2009-06-25 08:26 . 2004-08-10 20:00 54272 ----a-w- c:\windows\system32\wdigest.dll
      2009-06-25 08:26 . 2004-08-10 20:00 147456 ----a-w- c:\windows\system32\schannel.dll
      2009-06-25 08:26 . 2005-06-15 17:50 301568 ----a-w- c:\windows\system32\kerberos.dll
      2009-06-24 11:18 . 2004-08-10 20:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
      2009-06-15 10:44 . 2005-05-11 02:30 78848 ----a-w- c:\windows\system32\telnet.exe
      2009-06-15 10:44 . 2004-08-10 20:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
      2009-06-10 07:21 . 2004-08-10 20:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
      2009-06-10 06:15 . 2004-08-10 20:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
      2009-05-18 11:17 . 2009-05-18 11:17 26600 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspiWDM.sys
      2009-05-07 15:33 . 2004-08-10 20:00 348672 ----a-w- c:\windows\system32\localspl.dll
      2009-04-29 11:09 . 2009-04-29 11:09 1048576 ----a-w- c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
      2009-04-15 14:53 . 2004-08-10 20:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
      2009-04-01 21:02 . 2005-08-03 16:29 604160 ----a-w- c:\windows\system32\wmspdmod.dll
      2009-03-08 02:34 . 2006-03-04 04:00 914944 ----a-w- c:\windows\system32\wininet.dll
      2009-03-08 02:34 . 2004-08-10 20:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
      2009-03-08 02:33 . 2004-08-10 20:00 18944 ----a-w- c:\windows\system32\corpol.dll
      2009-03-08 02:33 . 2004-08-10 20:00 420352 ----a-w- c:\windows\system32\vbscript.dll
      2009-03-08 02:32 . 2004-08-10 20:00 72704 ----a-w- c:\windows\system32\admparse.dll
      2009-03-08 02:32 . 2004-08-10 20:00 71680 ----a-w- c:\windows\system32\iesetup.dll
      2009-03-08 02:31 . 2004-08-10 20:00 34816 ----a-w- c:\windows\system32\imgutil.dll
      2009-03-08 02:31 . 2004-08-10 20:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
      2009-03-08 02:31 . 2004-08-10 20:00 45568 ----a-w- c:\windows\system32\mshta.exe
      2009-03-08 02:22 . 2004-08-10 20:00 156160 ----a-w- c:\windows\system32\msls31.dll
      2009-03-06 14:20 . 2004-08-10 20:00 286720 ----a-w- c:\windows\system32\pdh.dll
      2009-02-09 11:23 . 2004-08-10 20:00 111104 ----a-w- c:\windows\system32\services.exe
      2009-02-09 10:53 . 2005-07-26 04:40 401408 ----a-w- c:\windows\system32\rpcss.dll
      2009-02-09 10:53 . 2004-08-10 20:00 739840 ----a-w- c:\windows\system32\ntdll.dll
      2009-02-09 10:53 . 2004-08-10 20:00 685568 ----a-w- c:\windows\system32\advapi32.dll
      2009-02-09 10:53 . 2004-08-10 20:00 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
      2009-02-09 10:53 . 2004-08-10 20:00 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
      2009-02-06 10:39 . 2004-08-10 20:00 35328 ----a-w- c:\windows\system32\sc.exe
      2009-02-06 10:10 . 2004-08-10 20:00 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
      2009-02-04 11:56 . 2009-02-04 11:56 75112 ----a-w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
      2009-01-07 16:21 . 2005-06-28 07:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
      2008-10-26 19:11 . 2006-09-08 11:24 86815 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
      2008-10-23 12:36 . 2005-12-29 02:56 286720 ----a-w- c:\windows\system32\gdi32.dll
      2008-09-05 12:46 . 2008-09-05 12:41 19900192 ----a-w- c:\documents and settings\Panama\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe
      2008-08-14 10:04 . 2004-08-10 20:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
      2008-07-27 02:30 . 2008-01-05 16:00 -------- d-----w- c:\program files\DivX
      2008-07-07 20:28 . 2005-07-26 04:39 253952 ----a-w- c:\windows\system32\es.dll
      2008-06-24 16:44 . 2005-06-29 01:49 74240 ----a-w- c:\windows\system32\mscms.dll
      2008-06-24 16:12 . 2006-10-18 20:47 295936 ------w- c:\windows\system32\wmpeffects.dll
      .

      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{59994074-c06d-4a75-9768-49e5a8c21264}"= "c:\program files\Messenger_Plus_Live_France\tbMes1.dll" [2010-07-03 2734688]

      [HKEY_CLASSES_ROOT\clsid\{59994074-c06d-4a75-9768-49e5a8c21264}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}]
      2010-07-03 20:00 2734688 ----a-w- c:\program files\Messenger_Plus_Live_France\tbMes1.dll

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{59994074-c06d-4a75-9768-49e5a8c21264}"= "c:\program files\Messenger_Plus_Live_France\tbMes1.dll" [2010-07-03 2734688]

      [HKEY_CLASSES_ROOT\clsid\{59994074-c06d-4a75-9768-49e5a8c21264}]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{59994074-C06D-4A75-9768-49E5A8C21264}"= "c:\program files\Messenger_Plus_Live_France\tbMes1.dll" [2010-07-03 2734688]

      [HKEY_CLASSES_ROOT\clsid\{59994074-c06d-4a75-9768-49e5a8c21264}]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
      "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
      "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LaunchApp"="Alaunch" [X]
      "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
      "RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]
      "SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
      "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
      "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
      "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]
      "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
      "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
      "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
      "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
      "Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
      "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
      "lxcrmon.exe"="c:\program files\Lexmark 2400 Series\lxcrmon.exe" [2006-01-22 286720]
      "EzPrint"="c:\program files\Lexmark 2400 Series\ezprint.exe" [2006-02-07 98304]
      "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 290816]
      "LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 65536]
      "F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2005-10-26 122929]
      "F-Secure TNB"="c:\program files\F-Secure\TNB\TNBUtil.exe" [2004-05-27 684032]
      "LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
      "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
      "UMonit"="c:\windows\system32\UMonit.exe" [2007-06-18 200704]
      "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
      "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

      c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
      Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-3-28 45056]
      Acer WLAN 11g USB Dongle.lnk - c:\program files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
      Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
      F-Secure Automatic Update.lnk - c:\program files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe [2007-4-13 32807]
      Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\Messenger\\msmsgs.exe"=
      "c:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
      "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "c:\\Program Files\\iTunes\\iTunes.exe"=
      "c:\\Program Files\\BitComet\\BitComet.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "7262:TCP"= 7262:TCP:*:Disabled:BitComet 7262 TCP
      "7262:UDP"= 7262:UDP:*:Disabled:BitComet 7262 UDP

      R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [13/04/2007 17:30 70896]
      R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [21/09/2009 18:53 19572]
      R2 BackWeb Plug-in - 7681197;F-Secure Automatic Update;c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [13/04/2007 17:30 32807]
      R2 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\FSfilter.sys [13/04/2007 17:30 48816]
      R2 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\win2k\fsgk.sys [13/04/2007 17:30 48256]
      R2 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\FSrec.sys [13/04/2007 17:30 16720]
      R2 LXCRCustomerConnect;LXCRCustomerConnect;c:\windows\system32\spool\drivers\w32x86\3\lxcrserv.exe [12/04/2007 22:05 61440]
      R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 13:31 92008]
      0
    2. diams39 Messages postés 25 Statut Membre
       
      3eme partie (je suis désolé mais y'a qu'en coupant le rapport en plusieiurs parties que je peux l'envoyer)

      --- Autres Services/Pilotes en mémoire ---

      *Deregistered* - mchInjDrv
      .
      Contenu du dossier 'Tâches planifiées'

      2009-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
      - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
      .
      .
      ------- Examen supplémentaire -------
      .
      uStart Page = hxxp://www.01net.com/
      uInternet Connection Wizard,ShellNext = iexplore
      uInternet Settings,ProxyOverride = <local>
      IE: &Block this popup - c:\program files\F-Secure\Anti-Spyware\blockpopups.htm
      IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.75\AMVConverter\grab.html
      IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.75\MediaManager\grab.html
      IE: Tout télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
      IE: Télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
      IE: Télécharger toutes les vidéos avec BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
      LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
      FF - ProfilePath - c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\
      FF - component: c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\FFExternalAlert.dll
      FF - component: c:\documents and settings\Panama\Application Data\Mozilla\Firefox\Profiles\2d8s6ltm.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\RadioWMPCore.dll
      FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
      FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

      ---- PARAMETRES FIREFOX ----
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
      .

      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2006-08-16 03:08
      Windows 5.1.2600 Service Pack 3 NTFS

      Recherche de processus cachés ...

      Recherche d'éléments en démarrage automatique cachés ...

      HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      UMonit = c:\windows\system32\UMonit.exe?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

      Recherche de fichiers cachés ...

      Scan terminé avec succès
      Fichiers cachés: 0

      **************************************************************************

      [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
      "ImagePath"="\??\c:\docume~1\Panama\LOCALS~1\Temp\mc21.tmp"
      .
      --------------------- DLLs chargées dans les processus actifs ---------------------

      - - - - - - - > 'winlogon.exe'(808)
      c:\windows\system32\Ati2evxx.dll

      - - - - - - - > 'lsass.exe'(868)
      c:\program files\F-Secure\FSPS\program\FSLSP.DLL

      - - - - - - - > 'explorer.exe'(5936)
      c:\program files\SuperCopier2\SC2Hook.dll
      c:\windows\system32\MSNCHATHOOK.DLL
      c:\windows\system32\sysenv.dll
      c:\windows\system32\CryptoAPI.dll
      c:\windows\system32\MFC71U.DLL
      c:\windows\system32\ieframe.dll
      c:\windows\system32\eappprxy.dll
      c:\windows\system32\webcheck.dll
      c:\windows\system32\WPDShServiceObj.dll
      c:\windows\system32\PortableDeviceTypes.dll
      c:\windows\system32\PortableDeviceApi.dll
      .
      ------------------------ Autres processus actifs ------------------------
      .
      c:\windows\system32\Ati2evxx.exe
      c:\windows\system32\Ati2evxx.exe
      c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
      c:\acer\Empowering Technology\ePerformance\MemCheck.exe
      c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\program files\Bonjour\mDNSResponder.exe
      c:\windows\eHome\ehRecvr.exe
      c:\windows\eHome\ehSched.exe
      c:\program files\F-Secure\Anti-Virus\fsgk32st.exe
      c:\program files\F-Secure\Anti-Virus\FSGK32.EXE
      c:\program files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
      c:\program files\F-Secure\Common\FSMA32.EXE
      c:\program files\F-Secure\Anti-Virus\fssm32.exe
      c:\program files\F-Secure\Common\FSMB32.EXE
      c:\program files\Java\jre6\bin\jqs.exe
      c:\windows\RTHDCPL.EXE
      c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
      c:\program files\F-Secure\Common\FCH32.EXE
      c:\program files\F-Secure\Common\FAMEH32.EXE
      c:\program files\F-Secure\Anti-Virus\fsqh.exe
      c:\program files\F-Secure\Anti-Virus\fsrw.exe
      c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      c:\windows\ehome\mcrdsvc.exe
      c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      c:\program files\F-Secure\Common\FNRB32.EXE
      c:\program files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      c:\program files\F-Secure\Common\FIH32.EXE
      c:\program files\F-Secure\FWES\Program\fsdfwd.exe
      c:\windows\system32\lxcrcoms.exe
      c:\program files\iPod\bin\iPodService.exe
      c:\windows\system32\dllhost.exe
      c:\windows\eHome\ehmsas.exe
      c:\windows\system32\wbem\wmiapsrv.exe
      c:\program files\F-Secure\Anti-Virus\fsav32.exe
      c:\progra~1\F-Secure\ANTI-S~1\fsaw.exe
      c:\program files\F-Secure\FSGUI\fsguidll.exe
      .
      **************************************************************************
      .
      Heure de fin: 2006-08-16 03:16:58 - La machine a redémarré
      ComboFix-quarantined-files.txt 2006-08-16 01:16

      Avant-CF: 209 463 193 600 octets libres
      Après-CF: 209 620 156 416 octets libres

      WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
      [operating systems]
      c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
      multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

      - - End Of File - - 1817B4E17EBC25508EB2C588B500DF27
      0
  10. archet9
     
    Fais maintenant un scan Bitdefender en ligne:
    http://www.bitdefender.fr/scanner/online/free.html

    a+
    0