Problème de virus
Résolu
Utilisateur anonyme
-
totobetourne Messages postés 5677 Statut Membre -
totobetourne Messages postés 5677 Statut Membre -
Bonjour,
hier soir mon pc a bug et ma mi 1 page bleue j ais redémarrer et peut après la même chose aider moi jsuis novice merci
hier soir mon pc a bug et ma mi 1 page bleue j ais redémarrer et peut après la même chose aider moi jsuis novice merci
A voir également:
- Problème de virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
23 réponses
Bonsoir,
Il est où le rapport Kaspersky qu ej e te demandais ici : http://www.commentcamarche.net/forum/affich 7388603 probleme de virus#46
?
A+
Il est où le rapport Kaspersky qu ej e te demandais ici : http://www.commentcamarche.net/forum/affich 7388603 probleme de virus#46
?
A+
Bonsoir,
bravo.
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
A+
bravo.
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
A+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:42, on 28/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Light Sensor Utility\Sensor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/portail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
O4 - HKLM\..\Run: [recinfo706] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Scan saved at 17:29:42, on 28/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Light Sensor Utility\Sensor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/portail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
O4 - HKLM\..\Run: [recinfo706] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
colle le rapport d'un scan en ligne.cela se fait avec internet explorer et il faut acepter un active x pour que le scan puisse s effectuer.
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Scan saved at 01:11:57, on 27/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Light Sensor Utility\Sensor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/portail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
O4 - HKLM\..\Run: [recinfo706] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (no file)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1245 [GMT 2:00]
Endroit: C:\Users\pierre\Downloads\ComboFix.exe
* Création d'un nouveau point de restauration
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-26 to 2008-07-26 ))))))))))))))))))))))))))))))))))))
.
2008-07-22 20:16 . 2008-07-27 00:37 <REP> d-------- C:\Program Files\WinClamAVShield
2008-07-22 20:14 . 2008-07-26 12:16 <REP> d-------- C:\Users\All Users\Spyware Terminator
2008-07-22 20:14 . 2008-07-26 12:16 <REP> d-------- C:\ProgramData\Spyware Terminator
2008-07-22 20:14 . 2008-07-23 14:35 <REP> d-------- C:\Program Files\Spyware Terminator
2008-07-22 20:14 . 2008-07-22 20:14 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys
2008-07-22 16:16 . 2008-07-22 16:16 <REP> d-------- C:\Program Files\Sun
2008-07-21 20:50 . 2008-07-21 20:50 <REP> d-------- C:\Program Files\Crawler
2008-07-21 20:49 . 2008-07-26 12:16 <REP> d-------- C:\Users\pierre\AppData\Roaming\Spyware Terminator
2008-07-17 20:28 . 2008-07-17 20:38 96,966 --a------ C:\Windows\System32\drivers\klin.dat
2008-07-17 20:28 . 2008-07-17 20:38 88,774 --a------ C:\Windows\System32\drivers\klick.dat
2008-07-17 20:26 . 2008-07-27 00:37 <REP> d-------- C:\Users\All Users\Kaspersky Lab
2008-07-17 20:26 . 2008-07-27 00:37 <REP> d-------- C:\ProgramData\Kaspersky Lab
2008-07-17 20:26 . 2008-07-17 20:26 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-07-17 20:26 . 2008-07-21 16:53 1,924,640 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2008-07-17 20:26 . 2008-07-21 16:53 262,176 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
2008-07-17 20:26 . 2008-07-21 16:53 17,164 --ahs---- C:\Windows\System32\drivers\fidbox.idx
2008-07-17 20:26 . 2008-07-21 16:53 1,976 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
2008-07-17 20:22 . 2008-07-21 16:31 <REP> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-07-17 20:22 . 2008-07-21 16:31 <REP> d-------- C:\ProgramData\Kaspersky Lab Setup Files
2008-07-16 22:09 . 2008-07-16 22:09 <REP> d-------- C:\Windows\System32\Kaspersky Lab
2008-07-16 21:31 . 2008-07-16 21:51 54,156 --ah----- C:\Windows\QTFont.qfn
2008-07-16 21:31 . 2008-07-16 21:31 1,409 --a------ C:\Windows\QTFont.for
2008-07-16 18:51 . 2008-07-16 18:51 <REP> d-------- C:\Users\All Users\Nero
2008-07-16 18:51 . 2008-07-16 18:51 <REP> d-------- C:\ProgramData\Nero
2008-07-15 21:35 . 2008-07-15 21:35 <REP> d-------- C:\Program Files\VS Revo Group
2008-07-15 15:12 . 2008-07-15 15:12 69 --a------ C:\Windows\NeroDigital.ini
2008-07-13 17:37 . 2008-07-13 06:12 <REP> d-------- C:\SDFix
2008-07-13 15:56 . 2008-07-13 15:56 <REP> d-------- C:\Users\pierre\AppData\Roaming\Malwarebytes
2008-07-13 15:55 . 2008-07-13 15:55 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-07-13 15:55 . 2008-07-13 15:55 <REP> d-------- C:\ProgramData\Malwarebytes
2008-07-13 15:55 . 2008-07-13 15:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-13 15:55 . 2008-07-07 17:35 34,296 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-07-13 15:55 . 2008-07-07 17:35 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-07-12 15:32 . 2008-07-13 22:05 <REP> d-------- C:\Users\pierre\photos pro'pulsion
2008-07-09 20:11 . 2008-06-26 02:33 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-09 20:11 . 2008-06-26 02:33 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-09 20:09 . 2008-06-26 02:33 11,722,752 --a------ C:\Windows\System32\NlsLexicons0001.dll
2008-07-09 15:27 . 2008-07-09 15:26 691,545 --a------ C:\Windows\unins000.exe
2008-07-09 15:27 . 2008-07-09 15:27 2,545 --a------ C:\Windows\unins000.dat
2008-06-27 16:49 . 2008-04-23 07:11 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2008-06-27 16:49 . 2008-04-23 06:27 428,032 --a------ C:\Windows\System32\EncDec.dll
2008-06-27 16:49 . 2008-04-23 06:27 292,352 --a------ C:\Windows\System32\psisdecd.dll
2008-06-27 16:49 . 2008-04-23 06:26 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-27 16:49 . 2008-04-23 06:26 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-27 16:49 . 2008-04-23 06:26 68,608 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-27 16:49 . 2008-04-23 06:26 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-26 18:39 . 2008-07-21 21:16 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-06-26 18:39 . 2008-07-21 21:16 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-06-26 18:39 . 2008-07-10 20:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-24 19:07 --------- d-----w C:\Program Files\Trend Micro
2008-07-23 16:00 --------- d-----w C:\Program Files\TELE2
2008-07-22 14:15 --------- d-----w C:\Program Files\Java
2008-07-21 18:25 --------- d-----w C:\Program Files\Yahoo!
2008-07-16 16:52 --------- d-----w C:\Program Files\Common Files\Ahead
2008-07-16 14:05 128 ----a-w C:\Users\pierre\AppData\Roaming\wklnhst.dat
2008-07-15 17:52 --------- d-----w C:\Program Files\Windows Mail
2008-07-13 14:14 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-12 21:46 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-09 18:17 174 --sha-w C:\Program Files\desktop.ini
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-23 07:44 62,464 ----a-w C:\Windows\system32\drivers\RTSTOR.sys
2008-06-18 15:25 --------- d-----w C:\ProgramData\Avira
2008-06-18 12:52 --------- d-----w C:\Program Files\Apple Software Update
2008-06-09 13:19 27,430 ----a-w C:\Users\pierre\AppData\Roaming\nvModes.dat
2008-06-07 12:29 --------- d-----w C:\Users\pierre\AppData\Roaming\Apple Computer
2008-06-07 12:28 --------- d-----w C:\Program Files\iTunes
2008-06-07 12:27 --------- d-----w C:\ProgramData\Apple Computer
2008-06-07 12:27 --------- d-----w C:\Program Files\iPod
2008-06-07 12:25 --------- d-----w C:\Program Files\Bonjour
2008-06-07 12:24 --------- d-----w C:\Program Files\QuickTime
2008-06-07 12:10 --------- d-----w C:\ProgramData\Apple
2008-06-07 12:10 --------- d-----w C:\Program Files\Common Files\Apple
2008-06-04 18:43 --------- d-----w C:\ProgramData\F-Secure
2008-06-02 13:27 --------- d-----w C:\Program Files\Alwil Software
2008-05-31 21:28 --------- d-----w C:\ProgramData\Lavasoft
2008-05-30 19:17 --------- d-----w C:\Users\pierre\AppData\Roaming\Media Player Classic
2008-05-30 19:06 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-05-30 12:12 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-04-26 08:02 1,327,104 ----a-w C:\Windows\System32\quartz.dll
.
((((((((((((((((((((((((((((( snapshot@2008-07-14_12.30.42.69 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-15 10:14:17 51,200 ----a-w C:\Windows\inf\infpub.dat
+ 2008-07-17 18:27:09 51,200 ----a-w C:\Windows\inf\infpub.dat
- 2008-06-15 10:14:16 86,016 ----a-w C:\Windows\inf\infstor.dat
+ 2008-07-17 18:27:09 86,016 ----a-w C:\Windows\inf\infstor.dat
- 2008-06-15 10:14:16 86,016 ----a-w C:\Windows\inf\infstrng.dat
+ 2008-07-17 18:27:08 86,016 ----a-w C:\Windows\inf\infstrng.dat
- 2007-11-16 09:55:44 25,214 ----a-r C:\Windows\Installer\{81CD6232-10F5-4832-B3DA-1B88B1571036}\ARPPRODUCTICON.exe
+ 2008-07-16 16:52:57 25,214 ----a-r C:\Windows\Installer\{81CD6232-10F5-4832-B3DA-1B88B1571036}\ARPPRODUCTICON.exe
- 2008-07-14 10:08:43 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-07-26 22:36:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-07-14 10:08:43 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-07-26 22:36:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-07-14 10:11:20 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-07-26 22:39:27 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-07-26 22:39:27 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-07-14 10:11:15 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-07-26 22:39:22 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-07-26 22:39:22 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2007-08-02 12:32:10 5,631,520 ----a-w C:\Windows\system\DriveIcon.dll
+ 2008-05-06 07:41:30 6,416,928 ----a-w C:\Windows\system\DriveIcon.dll
- 2008-07-14 10:29:30 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-26 22:37:01 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-22 19:47:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008072220080723\index.dat
+ 2008-07-23 13:09:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008072320080724\index.dat
- 2008-07-14 10:29:30 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-26 22:37:01 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-14 10:29:30 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-07-26 22:37:01 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-07-14 10:28:06 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-07-26 23:26:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-07-26 23:26:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
+ 2006-03-31 10:40:58 2,388,176 ----a-w C:\Windows\System32\d3dx9_30.dll
+ 2008-04-16 12:23:44 112,144 ----a-w C:\Windows\System32\drivers\kl1.sys
+ 2008-01-29 16:29:38 32,784 ----a-w C:\Windows\System32\drivers\klbg.sys
+ 2008-03-13 17:02:46 26,640 ----a-w C:\Windows\System32\drivers\klfltdev.sys
+ 2008-03-26 11:10:16 20,496 ----a-w C:\Windows\System32\drivers\klim6.sys
+ 2008-04-25 16:21:06 26,964 ----a-w C:\Windows\System32\drivers\klopp.dat
+ 2008-03-26 11:10:16 20,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\klim6.inf_61c2e785\klim6.sys
+ 2008-05-06 07:41:30 6,416,928 ----a-w C:\Windows\System32\DriverStore\FileRepository\rtusbstor.inf_04412eae\DriveIcon.dll
+ 2008-06-23 07:44:54 62,464 ----a-w C:\Windows\System32\DriverStore\FileRepository\rtusbstor.inf_04412eae\RTSTOR.sys
- 2004-07-26 15:16:10 1,568,768 ----a-w C:\Windows\System32\imagX7.dll
+ 2004-07-26 14:16:10 1,568,768 ----a-w C:\Windows\System32\imagX7.dll
- 2004-07-26 15:16:10 476,320 ----a-w C:\Windows\System32\imagXpr7.dll
+ 2004-07-26 14:16:10 476,320 ----a-w C:\Windows\System32\imagXpr7.dll
- 2004-07-26 15:16:10 262,144 ----a-w C:\Windows\System32\imagXR7.dll
+ 2004-07-26 14:16:10 262,144 ----a-w C:\Windows\System32\imagXR7.dll
- 2004-07-26 15:16:10 471,040 ----a-w C:\Windows\System32\imagXRA7.dll
+ 2004-07-26 14:16:10 471,040 ----a-w C:\Windows\System32\imagXRA7.dll
- 2008-02-21 23:23:35 135,168 ----a-w C:\Windows\System32\java.exe
+ 2008-06-09 23:21:01 135,168 ----a-w C:\Windows\System32\java.exe
- 2008-02-21 23:23:39 135,168 ----a-w C:\Windows\System32\javaw.exe
+ 2008-06-09 23:21:04 135,168 ----a-w C:\Windows\System32\javaw.exe
- 2008-02-22 00:33:32 139,264 ----a-w C:\Windows\System32\javaws.exe
+ 2008-06-10 00:32:34 139,264 ----a-w C:\Windows\System32\javaws.exe
+ 2005-05-16 17:34:48 213,048 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 11:17:24 65,536 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 11:17:20 798,720 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-04-25 16:22:24 206,088 ----a-w C:\Windows\System32\klogon.dll
- 2007-02-26 18:05:18 95,864 ----a-w C:\Windows\System32\NeroCo.dll
+ 2007-02-26 17:05:18 95,864 ----a-w C:\Windows\System32\NeroCo.dll
- 2008-07-09 18:16:01 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-07-15 18:14:04 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-07-15 18:14:04 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat_previous
- 2004-07-09 07:43:56 364,544 ----a-w C:\Windows\System32\TwnLib4.dll
+ 2004-07-09 06:43:56 364,544 ----a-w C:\Windows\System32\TwnLib4.dll
- 2008-07-14 10:11:21 11,016 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1485623736-812755021-2284708237-1000_UserData.bin
+ 2008-07-26 22:39:03 11,842 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1485623736-812755021-2284708237-1000_UserData.bin
- 2008-07-14 10:11:20 66,762 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-07-26 22:39:03 67,624 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-07-05 10:05:21 3,008 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
+ 2008-07-17 19:02:33 3,298 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
- 2008-07-14 10:11:08 55,434 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-07-26 22:39:01 58,520 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2007-02-26 18:21:06 972,336 ----a-w C:\Windows\UNNeroMediaHome.exe
+ 2007-02-26 17:21:06 972,336 ----a-w C:\Windows\UNNeroMediaHome.exe
- 2007-02-26 18:39:02 972,336 ----a-w C:\Windows\UNNeroShowTime.exe
+ 2007-02-26 17:39:02 972,336 ----a-w C:\Windows\UNNeroShowTime.exe
- 2007-02-26 19:36:50 972,336 ----a-w C:\Windows\UNNeroVision.exe
+ 2007-02-26 18:36:50 972,336 ----a-w C:\Windows\UNNeroVision.exe
- 2007-02-26 18:34:18 972,336 ----a-w C:\Windows\UNRecode.exe
+ 2007-02-26 17:34:18 972,336 ----a-w C:\Windows\UNRecode.exe
- 2008-07-09 18:08:44 31,238,634 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-07-15 18:13:19 31,265,751 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-06-09 22:40:17 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16699_none_f0498ecc6e94a1be\OESpamFilter.dat
+ 2008-06-09 22:37:40 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20855_none_f0fa6c058795698f\OESpamFilter.dat
+ 2008-06-11 00:28:21 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18088_none_f2399d146bb3fd67\OESpamFilter.dat
+ 2008-06-09 22:36:23 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22200_none_f311b8d58497f018\OESpamFilter.dat
+ 2008-07-15 18:13:18 1,233,920 ----a-w C:\Windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d\msxml4.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-04-20 13:36 1232896]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-04-22 12:52 171448]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-19 01:31 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-19 01:31 8466432]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-19 01:31 81920]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2007-05-25 12:17 159744]
"FIC HotKey"="C:\Program Files\Hotkey Utility\tray.exe" [2007-07-13 15:38 561152]
"PowerManager"="C:\Program Files\Power Manager\PM.exe" [2007-05-16 12:42 29696]
"Silent Mode"="C:\Program Files\Light Sensor Utility\Sensor.exe" [2007-06-27 10:56 253952]
"recinfo706"="c:\RecInfo\RecInfo.exe" [2007-10-23 14:52 2764800]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 20:46 153136]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-07-22 20:14 1783808]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 16:01 4431872 C:\Windows\RtHDVCpl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
C:\Users\pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{EE849512-1750-4752-9658-D3527CDB19FD}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BE11DD08-AA1A-4251-A90A-E1C4F7E46B48}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0AAE5F62-EA3E-4D98-B20D-446DC72354DD}"= C:\Program Files\CyberLink\PowerDV\PowerDV.exe:CyberLink PowerDV
"{C4EE3803-388B-4383-A9D5-504EE186984C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D461A291-063B-4921-A530-D82B647EB0B1}C:\\program files\\intervideo\\dvd8\\windvd.exe"= UDP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD
"UDP Query User{D969DD8C-0724-41CD-97EA-D375810DADF7}C:\\program files\\intervideo\\dvd8\\windvd.exe"= TCP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD
"{0DE9BC89-AF96-4E6F-A0E3-C15E830C05A9}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C0A3CAF8-F3B0-4856-B5E9-E786BDBF4F34}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C187D75C-A4FC-408D-BD75-D312351F4223}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{5B6291F5-3107-4EA7-BCF2-6884DDD5603F}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{510300B1-DBB9-409B-AD9D-D3D56857D81B}C:\\users\\pierre\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= UDP:C:\users\pierre\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"UDP Query User{D4192A9F-A54A-49B7-9B98-5EF93B430151}C:\\users\\pierre\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= TCP:C:\users\pierre\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"TCP Query User{68053F71-8F92-476D-9B49-13F7727199CB}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{59E1D1A5-0842-470C-9EC7-B557EC9909A2}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{EDF2D800-DCA6-4DA4-8DF0-26D35DAAF4EF}C:\\users\\pierre\\appdata\\local\\temp\\nero web\\setupxu.exe"= UDP:C:\users\pierre\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"UDP Query User{E0128A82-24C5-4336-B5C6-7A0AE7F566B1}C:\\users\\pierre\\appdata\\local\\temp\\nero web\\setupxu.exe"= TCP:C:\users\pierre\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"TCP Query User{E9C97373-7CFD-4919-8A74-F8A24E4D24F2}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\french\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\french\setup.exe:Programme d'installation de Kaspersky Internet Security 2009
"UDP Query User{74F08B60-DCC2-4BE9-8257-D214403DD9BE}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\french\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\french\setup.exe:Programme d'installation de Kaspersky Internet Security 2009
"TCP Query User{85DD36EC-8E70-479D-9F79-9C32E7FFDD08}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 2009\\french\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 2009
"UDP Query User{14340551-CA54-417D-92CA-42F621FBC1B5}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 2009\\french\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 2009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 18:29]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 13:10]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-07-22 20:14]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 11:52]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 RTSTOR;Realtek USB 2.0 Card Reader;C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 09:44]
S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 17:37]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-07-26 C:\Windows\Tasks\User_Feed_Synchronization-{88E50F82-E0EA-4A84-BD14-221F83FDD350}.job - C:\Windows\system32\msfeedssync.exe [2006-11-02 11:45]
2008-04-20 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - s2C:\Program Files\Windows Live Toolbar\MSNTBUP.EXEpierre09< []
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.tele2.fr/portail/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Crawler Search - tbr:iemenu
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O18 -: Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 01:28:41
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
C:\Windows\TEMP\TMP0000005669AB628FC2D70D1D
Scan terminé avec succès
Les fichiers cachés: 1
**************************************************************************
.
Temps d'accomplissement: 2008-07-27 1:29:35
ComboFix-quarantined-files.txt 2008-07-26 23:29:21
Pre-Run: 65,432,522,752 octets libres
Post-Run: 65,521,803,264 octets libres
295 --- E O F --- 2008-07-25 13:30:56
cés ça le rapport combix dis moi ce que je dois faire maintenant je le ferais demain après-midi a +
Scan saved at 18:27:54, on 28/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Light Sensor Utility\Sensor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/portail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe