Cheval de Troie
Résolu/Fermé
Mario Robot
Messages postés
115
Date d'inscription
samedi 7 juillet 2007
Statut
Membre
Dernière intervention
23 mars 2017
-
17 août 2008 à 19:54
Mario Robot Messages postés 115 Date d'inscription samedi 7 juillet 2007 Statut Membre Dernière intervention 23 mars 2017 - 9 févr. 2009 à 01:52
Mario Robot Messages postés 115 Date d'inscription samedi 7 juillet 2007 Statut Membre Dernière intervention 23 mars 2017 - 9 févr. 2009 à 01:52
A voir également:
- Cheval de Troie
- Comment supprimer cheval de troie gratuitement - Télécharger - Antivirus & Antimalwares
- Message cheval de troie mac ✓ - Forum MacOS
- Ordinateur bloqué cheval de troie - Guide
- Cheval de Troie et ordi bloqué!!! - Forum Virus
- Musique classique cheval au galop - Forum Musique / Radio / Clip
24 réponses
Mario Robot
Messages postés
115
Date d'inscription
samedi 7 juillet 2007
Statut
Membre
Dernière intervention
23 mars 2017
6
29 sept. 2008 à 01:57
29 sept. 2008 à 01:57
Salut
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:56:26, on 2008-09-28
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\SONY\VAIO Camera Utility\VCUServe.exe
C:\Program Files\SONY\ISB Utility\ISBMgr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\SONY\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\SONY\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iolo\System Mechanic\SMSystemAnalyzer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [WordQ carat flag] C:\Program Files\WordQ2Fr\WordQcrs.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WordQCRS.lnk = C:\Program Files\WordQ2Fr\WordQcrs.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-43993ebf67e82f1e.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-ca.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5375/mcfscan.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\SONY\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\SONY\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\SONY\Image Converter 3\IcVzMon.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:56:26, on 2008-09-28
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\SONY\VAIO Camera Utility\VCUServe.exe
C:\Program Files\SONY\ISB Utility\ISBMgr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\SONY\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\SONY\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iolo\System Mechanic\SMSystemAnalyzer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [WordQ carat flag] C:\Program Files\WordQ2Fr\WordQcrs.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WordQCRS.lnk = C:\Program Files\WordQ2Fr\WordQcrs.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-43993ebf67e82f1e.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-ca.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5375/mcfscan.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\SONY\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\SONY\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\SONY\Image Converter 3\IcVzMon.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Mario Robot
Messages postés
115
Date d'inscription
samedi 7 juillet 2007
Statut
Membre
Dernière intervention
23 mars 2017
6
11 déc. 2008 à 01:35
11 déc. 2008 à 01:35
Scan avec combofix:
ComboFix 08-12-09.03 - Utilisateur 2008-12-10 16:38:38.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1096 [GMT -5:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\404Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\x64
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-10 au 2008-12-10 ))))))))))))))))))))))))))))))))))))
.
2008-12-10 15:57 . 2008-12-10 15:57 226,534,923 --a------ c:\windows\MEMORY.DMP
2008-12-03 21:41 . 2008-12-03 21:41 <REP> d-------- c:\users\Utilisateur\AppData\Roaming\TERMINAL Studio
2008-12-03 21:40 . 2008-12-03 21:40 <REP> d-------- c:\program files\Free 3D Santa Screensaver
2008-12-03 21:40 . 2007-11-16 14:06 5,410,816 --a------ c:\windows\System32\Free 3D Santa Screensaver.scr
2008-12-03 21:40 . 2006-02-15 16:26 92,216 --a------ c:\windows\System32\bass.dll
2008-12-03 21:40 . 2007-11-16 15:35 3,222 --a------ c:\windows\System32\Free 3D Santa Screensaver.html
2008-12-03 18:31 . 2008-12-03 18:33 <REP> d-------- c:\program files\TrackMania Original
2008-11-25 19:58 . 2008-09-25 06:37 3,666,432 --a------ c:\windows\System32\drivers\NETw5v32.sys
2008-11-25 19:37 . 2008-10-21 00:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-25 19:37 . 2008-08-27 22:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-25 19:37 . 2008-08-27 22:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-25 19:37 . 2008-08-27 22:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-25 19:37 . 2008-10-21 22:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-17 18:47 . 2008-11-17 18:47 <REP> d-------- c:\program files\Microsoft Research
2008-11-17 18:43 . 2008-10-16 16:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-17 18:43 . 2008-10-16 15:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-17 18:43 . 2008-10-16 16:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-17 18:43 . 2008-10-16 16:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-17 18:42 . 2008-10-16 16:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-17 18:42 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-17 18:42 . 2008-10-16 15:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-17 18:42 . 2008-10-16 16:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-17 18:42 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-12 16:29 . 2008-09-09 22:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 16:29 . 2008-09-05 00:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-12 16:29 . 2008-08-26 20:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-10 14:54 . 2008-11-10 14:54 <REP> d-------- c:\program files\Opera
2008-11-10 14:00 . 2008-11-10 14:40 <REP> d-------- c:\users\All Users\NOS
2008-11-10 14:00 . 2008-11-10 14:40 <REP> d-------- c:\programdata\NOS
2008-11-10 14:00 . 2008-11-10 14:00 <REP> d-------- c:\program files\NOS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 21:39 229,458,464 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-10 21:00 --------- d-----w c:\programdata\Kaspersky Lab
2008-12-10 02:35 3,070,256 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-09 23:44 --------- d-----w c:\programdata\Google Updater
2008-12-06 21:32 --------- d-----w c:\users\Utilisateur\AppData\Roaming\iolo
2008-12-05 22:32 --------- d-----w c:\program files\Glary Utilities
2008-11-30 00:22 --------- d-----w c:\program files\Steam
2008-11-27 00:28 --------- d-----w c:\program files\Common Files\Steam
2008-11-25 04:21 935,776 ----a-w c:\windows\System32\Incinerator.dll
2008-11-21 02:14 --------- d-----w c:\program files\VDOWNLOADER
2008-11-18 16:51 8,192 ----a-w c:\windows\System32\smrgdf.exe
2008-11-12 22:27 --------- d-----w c:\program files\Common Files\Adobe
2008-11-12 21:30 --------- d-----w c:\programdata\Microsoft Help
2008-11-09 21:57 --------- d-----w c:\program files\TI Education
2008-11-09 21:57 --------- d-----w c:\program files\Common Files\TI Shared
2008-11-09 21:50 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-07 19:36 --------- d-----w c:\program files\RealFlightG4
2008-11-07 19:35 --------- d-----w c:\program files\Common Files\KnifeEdge
2008-11-06 19:50 920,088 ----a-w c:\windows\System32\igxpun.exe
2008-11-06 00:48 --------- d-----w c:\programdata\2DBoy
2008-11-05 23:46 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-10-31 00:14 673,280 ----a-w c:\windows\is-JIFEI.exe
2008-10-28 13:43 670,232 ----a-w c:\windows\System32\igfxcfg.exe
2008-10-28 13:43 256,536 ----a-w c:\windows\System32\igfxsrvc.exe
2008-10-28 13:43 178,712 ----a-w c:\windows\System32\igfxext.exe
2008-10-28 13:43 178,712 ----a-w c:\windows\System32\hkcmd.exe
2008-10-28 13:43 154,136 ----a-w c:\windows\System32\igfxpers.exe
2008-10-28 13:43 150,040 ----a-w c:\windows\System32\igfxtray.exe
2008-10-28 13:35 147,456 ----a-w c:\windows\System32\igfxCoIn_v1591.dll
2008-10-28 13:29 3,411,968 ----a-w c:\windows\System32\igdumd32.dll
2008-10-28 13:29 2,476,544 ----a-w c:\windows\system32\drivers\igdkmd32.sys
2008-10-28 13:25 536,576 ----a-w c:\windows\System32\igdumdx32.dll
2008-10-28 13:21 2,256,896 ----a-w c:\windows\System32\igd10umd32.dll
2008-10-28 13:14 3,895,296 ----a-w c:\windows\System32\ig4icd32.dll
2008-10-28 13:14 2,359,296 ----a-w c:\windows\System32\ig4dev32.dll
2008-10-28 13:05 69,632 ----a-w c:\windows\System32\oemdspif.dll
2008-10-28 13:05 258,048 ----a-w c:\windows\System32\igfxTMM.dll
2008-10-28 13:05 24,576 ----a-w c:\windows\System32\igfxexps.dll
2008-10-28 13:05 217,088 ----a-w c:\windows\System32\igfxpph.dll
2008-10-28 13:04 52,224 ----a-w c:\windows\System32\igfxsrvc.dll
2008-10-28 13:04 5,672,960 ----a-w c:\windows\System32\igfxress.dll
2008-10-28 13:04 221,184 ----a-w c:\windows\System32\igfxdev.dll
2008-10-28 13:04 135,168 ----a-w c:\windows\System32\igfxdo.dll
2008-10-28 13:04 106,496 ----a-w c:\windows\System32\hccutils.dll
2008-10-27 15:04 70,992 ----a-w c:\windows\System32\XAPOFX1_2.dll
2008-10-27 15:04 514,384 ----a-w c:\windows\System32\XAudio2_3.dll
2008-10-27 15:04 235,856 ----a-w c:\windows\System32\xactengine3_3.dll
2008-10-27 15:04 23,376 ----a-w c:\windows\System32\X3DAudio1_5.dll
2008-10-25 18:19 --------- d-----w c:\programdata\POPWWPROFILES
2008-10-25 18:09 --------- d-----w c:\program files\Google
2008-10-25 18:04 --------- d-----w c:\programdata\Spybot - Search & Destroy
2008-10-24 18:21 --------- d--h--w c:\programdata\yahoo!
2008-10-24 18:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 18:08 --------- d-----w c:\program files\Ubisoft
2008-10-21 23:04 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-16 20:45 --------- d-----w c:\program files\Windows Mail
2008-10-15 01:21 --------- d-----w c:\program files\Logitech
2008-10-10 09:52 452,440 ----a-w c:\windows\System32\d3dx10_40.dll
2008-10-10 09:52 4,379,984 ----a-w c:\windows\System32\D3DX9_40.dll
2008-10-10 09:52 2,036,576 ----a-w c:\windows\System32\D3DCompiler_40.dll
2008-10-07 13:13 147,456 ----a-w c:\windows\System32\igfxCoIn_v1576.dll
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-24 14:32 28,672 ----a-w c:\windows\System32\iolobtdfg.exe
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-10 07:41 81,920 ----a-w c:\windows\System32\frapsvid.dll
2008-06-07 03:30 174 --sha-w c:\program files\desktop.ini
2008-06-19 00:16 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-06-19 00:16 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-06-19 00:16 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-08 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-07 411768]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656]
"LyraHD2TrayApp"="c:\program files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2005-10-11 290816]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
"iolo Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2008-11-24 314224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-03-09 08:55 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll,c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"WordQ carat flag"=c:\program files\WordQ2Fr\WordQcrs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{48284DFB-89B1-4B8B-8D1B-8D1165A22620}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{7736FC8F-B6DE-49FA-9810-6A0C0062E6B7}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{B5887F20-1B5C-47EE-971B-F85169F1E59D}"= Disabled:UDP:c:\program files\SONY\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{11BBCC70-660D-4424-B1F2-45AF01E7EC5C}"= Disabled:TCP:c:\program files\SONY\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{63B27811-7D8C-40D1-ACD0-EA90FB83CF99}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6EA98B39-4192-40BF-8DD4-46F6C65EB591}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8B51146B-79DD-4A32-A9E4-9F6CFF68F481}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{979A6CA2-D39B-4080-9EF8-A1A9E9F88081}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= UDP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"UDP Query User{EF937BC3-0836-4F63-8766-E9BB2DD0B0FD}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= TCP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"TCP Query User{6B9309D5-5CE8-4011-B085-F9275E9A3178}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{27A1A53D-9693-4324-A19A-DD9BE57E9E56}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{939A8B19-DD4E-47CC-8DAC-D4A12B76D7F5}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{1BA12FFD-A4F7-4276-845D-1AE3E0750EC6}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{EFED29CB-88B0-4378-81F7-299B29884F79}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= UDP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"UDP Query User{6306EF7A-2EBE-4AF8-8E7E-4C6230885681}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= TCP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
R1 ElRawDisk;ElRawDisk;\??\c:\windows\system32\drivers\elrawdsk.sys [2008-07-08 12800]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2007-10-16 20496]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-09-12 595824]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-09-12 595824]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB [2008-02-26 29183504]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-01-03 11032]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-25 3666432]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-04-10 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-04-10 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\DRIVERS\SonyImgF.sys [2007-04-10 31104]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-04-23 812544]
S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\DRIVERS\fantom.sys [2006-03-10 39424]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-11-10 33752]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\SONY\Image Converter 3\ICScsiSV.exe [2008-06-05 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;"c:\program files\SONY\Image Converter 3\IcVzMonLauncher.exe" [2008-06-05 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\SONY\VAIO Media Integrated Server\UCLS.exe [2008-06-05 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"c:\program files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2008-06-05 1089536]
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Tâches planifiées'
2008-12-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-12-01 09:38]
2008-12-09 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Utilisateur.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
mWindow Title =
uInternet Settings,ProxyOverride = localhost
IE: Ajouter à Kaspersky Anti-Bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Crawler Search
IE: E&xporter vers Microsoft Excel
c:\windows\Downloaded Program Files\InstallerControl.dll - O16 -: CabBuilder
hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
c:\windows\Downloaded Program Files\oscan81.ocx_x - c:\windows\bdoscandellang.ini
c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.zebulon.fr/scan8/oscan8.cab
FireFox -: Profile - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\aa5mgm6z.default\
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\aa5mgm6z.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll
.
.
------- Associations de fichier -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 16:43:29
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(864)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\windows\system32\WS2_32.dll
- - - - - - - > 'lsass.exe'(644)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
.
Heure de fin: 2008-12-10 16:45:53
ComboFix-quarantined-files.txt 2008-12-10 21:45:47
Avant-CF: 126 369 570 816 octets libres
Après-CF: 126,330,503,168 octets libres
283 --- E O F --- 2008-12-08 19:56:10
ComboFix 08-12-09.03 - Utilisateur 2008-12-10 16:38:38.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1096 [GMT -5:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\404Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\x64
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-10 au 2008-12-10 ))))))))))))))))))))))))))))))))))))
.
2008-12-10 15:57 . 2008-12-10 15:57 226,534,923 --a------ c:\windows\MEMORY.DMP
2008-12-03 21:41 . 2008-12-03 21:41 <REP> d-------- c:\users\Utilisateur\AppData\Roaming\TERMINAL Studio
2008-12-03 21:40 . 2008-12-03 21:40 <REP> d-------- c:\program files\Free 3D Santa Screensaver
2008-12-03 21:40 . 2007-11-16 14:06 5,410,816 --a------ c:\windows\System32\Free 3D Santa Screensaver.scr
2008-12-03 21:40 . 2006-02-15 16:26 92,216 --a------ c:\windows\System32\bass.dll
2008-12-03 21:40 . 2007-11-16 15:35 3,222 --a------ c:\windows\System32\Free 3D Santa Screensaver.html
2008-12-03 18:31 . 2008-12-03 18:33 <REP> d-------- c:\program files\TrackMania Original
2008-11-25 19:58 . 2008-09-25 06:37 3,666,432 --a------ c:\windows\System32\drivers\NETw5v32.sys
2008-11-25 19:37 . 2008-10-21 00:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-25 19:37 . 2008-08-27 22:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-25 19:37 . 2008-08-27 22:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-25 19:37 . 2008-08-27 22:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-25 19:37 . 2008-10-21 22:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-17 18:47 . 2008-11-17 18:47 <REP> d-------- c:\program files\Microsoft Research
2008-11-17 18:43 . 2008-10-16 16:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-17 18:43 . 2008-10-16 15:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-17 18:43 . 2008-10-16 16:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-17 18:43 . 2008-10-16 16:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-17 18:42 . 2008-10-16 16:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-17 18:42 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-17 18:42 . 2008-10-16 15:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-17 18:42 . 2008-10-16 16:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-17 18:42 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-12 16:29 . 2008-09-09 22:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 16:29 . 2008-09-05 00:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-12 16:29 . 2008-08-26 20:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-10 14:54 . 2008-11-10 14:54 <REP> d-------- c:\program files\Opera
2008-11-10 14:00 . 2008-11-10 14:40 <REP> d-------- c:\users\All Users\NOS
2008-11-10 14:00 . 2008-11-10 14:40 <REP> d-------- c:\programdata\NOS
2008-11-10 14:00 . 2008-11-10 14:00 <REP> d-------- c:\program files\NOS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 21:39 229,458,464 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-10 21:00 --------- d-----w c:\programdata\Kaspersky Lab
2008-12-10 02:35 3,070,256 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-09 23:44 --------- d-----w c:\programdata\Google Updater
2008-12-06 21:32 --------- d-----w c:\users\Utilisateur\AppData\Roaming\iolo
2008-12-05 22:32 --------- d-----w c:\program files\Glary Utilities
2008-11-30 00:22 --------- d-----w c:\program files\Steam
2008-11-27 00:28 --------- d-----w c:\program files\Common Files\Steam
2008-11-25 04:21 935,776 ----a-w c:\windows\System32\Incinerator.dll
2008-11-21 02:14 --------- d-----w c:\program files\VDOWNLOADER
2008-11-18 16:51 8,192 ----a-w c:\windows\System32\smrgdf.exe
2008-11-12 22:27 --------- d-----w c:\program files\Common Files\Adobe
2008-11-12 21:30 --------- d-----w c:\programdata\Microsoft Help
2008-11-09 21:57 --------- d-----w c:\program files\TI Education
2008-11-09 21:57 --------- d-----w c:\program files\Common Files\TI Shared
2008-11-09 21:50 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-07 19:36 --------- d-----w c:\program files\RealFlightG4
2008-11-07 19:35 --------- d-----w c:\program files\Common Files\KnifeEdge
2008-11-06 19:50 920,088 ----a-w c:\windows\System32\igxpun.exe
2008-11-06 00:48 --------- d-----w c:\programdata\2DBoy
2008-11-05 23:46 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-10-31 00:14 673,280 ----a-w c:\windows\is-JIFEI.exe
2008-10-28 13:43 670,232 ----a-w c:\windows\System32\igfxcfg.exe
2008-10-28 13:43 256,536 ----a-w c:\windows\System32\igfxsrvc.exe
2008-10-28 13:43 178,712 ----a-w c:\windows\System32\igfxext.exe
2008-10-28 13:43 178,712 ----a-w c:\windows\System32\hkcmd.exe
2008-10-28 13:43 154,136 ----a-w c:\windows\System32\igfxpers.exe
2008-10-28 13:43 150,040 ----a-w c:\windows\System32\igfxtray.exe
2008-10-28 13:35 147,456 ----a-w c:\windows\System32\igfxCoIn_v1591.dll
2008-10-28 13:29 3,411,968 ----a-w c:\windows\System32\igdumd32.dll
2008-10-28 13:29 2,476,544 ----a-w c:\windows\system32\drivers\igdkmd32.sys
2008-10-28 13:25 536,576 ----a-w c:\windows\System32\igdumdx32.dll
2008-10-28 13:21 2,256,896 ----a-w c:\windows\System32\igd10umd32.dll
2008-10-28 13:14 3,895,296 ----a-w c:\windows\System32\ig4icd32.dll
2008-10-28 13:14 2,359,296 ----a-w c:\windows\System32\ig4dev32.dll
2008-10-28 13:05 69,632 ----a-w c:\windows\System32\oemdspif.dll
2008-10-28 13:05 258,048 ----a-w c:\windows\System32\igfxTMM.dll
2008-10-28 13:05 24,576 ----a-w c:\windows\System32\igfxexps.dll
2008-10-28 13:05 217,088 ----a-w c:\windows\System32\igfxpph.dll
2008-10-28 13:04 52,224 ----a-w c:\windows\System32\igfxsrvc.dll
2008-10-28 13:04 5,672,960 ----a-w c:\windows\System32\igfxress.dll
2008-10-28 13:04 221,184 ----a-w c:\windows\System32\igfxdev.dll
2008-10-28 13:04 135,168 ----a-w c:\windows\System32\igfxdo.dll
2008-10-28 13:04 106,496 ----a-w c:\windows\System32\hccutils.dll
2008-10-27 15:04 70,992 ----a-w c:\windows\System32\XAPOFX1_2.dll
2008-10-27 15:04 514,384 ----a-w c:\windows\System32\XAudio2_3.dll
2008-10-27 15:04 235,856 ----a-w c:\windows\System32\xactengine3_3.dll
2008-10-27 15:04 23,376 ----a-w c:\windows\System32\X3DAudio1_5.dll
2008-10-25 18:19 --------- d-----w c:\programdata\POPWWPROFILES
2008-10-25 18:09 --------- d-----w c:\program files\Google
2008-10-25 18:04 --------- d-----w c:\programdata\Spybot - Search & Destroy
2008-10-24 18:21 --------- d--h--w c:\programdata\yahoo!
2008-10-24 18:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 18:08 --------- d-----w c:\program files\Ubisoft
2008-10-21 23:04 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-16 20:45 --------- d-----w c:\program files\Windows Mail
2008-10-15 01:21 --------- d-----w c:\program files\Logitech
2008-10-10 09:52 452,440 ----a-w c:\windows\System32\d3dx10_40.dll
2008-10-10 09:52 4,379,984 ----a-w c:\windows\System32\D3DX9_40.dll
2008-10-10 09:52 2,036,576 ----a-w c:\windows\System32\D3DCompiler_40.dll
2008-10-07 13:13 147,456 ----a-w c:\windows\System32\igfxCoIn_v1576.dll
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-24 14:32 28,672 ----a-w c:\windows\System32\iolobtdfg.exe
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-10 07:41 81,920 ----a-w c:\windows\System32\frapsvid.dll
2008-06-07 03:30 174 --sha-w c:\program files\desktop.ini
2008-06-19 00:16 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-06-19 00:16 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-06-19 00:16 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-08 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-07 411768]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656]
"LyraHD2TrayApp"="c:\program files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2005-10-11 290816]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
"iolo Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2008-11-24 314224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-03-09 08:55 98304 c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll,c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"WordQ carat flag"=c:\program files\WordQ2Fr\WordQcrs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{48284DFB-89B1-4B8B-8D1B-8D1165A22620}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{7736FC8F-B6DE-49FA-9810-6A0C0062E6B7}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{B5887F20-1B5C-47EE-971B-F85169F1E59D}"= Disabled:UDP:c:\program files\SONY\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{11BBCC70-660D-4424-B1F2-45AF01E7EC5C}"= Disabled:TCP:c:\program files\SONY\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{63B27811-7D8C-40D1-ACD0-EA90FB83CF99}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6EA98B39-4192-40BF-8DD4-46F6C65EB591}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8B51146B-79DD-4A32-A9E4-9F6CFF68F481}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{979A6CA2-D39B-4080-9EF8-A1A9E9F88081}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= UDP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"UDP Query User{EF937BC3-0836-4F63-8766-E9BB2DD0B0FD}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= TCP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"TCP Query User{6B9309D5-5CE8-4011-B085-F9275E9A3178}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{27A1A53D-9693-4324-A19A-DD9BE57E9E56}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{939A8B19-DD4E-47CC-8DAC-D4A12B76D7F5}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{1BA12FFD-A4F7-4276-845D-1AE3E0750EC6}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{EFED29CB-88B0-4378-81F7-299B29884F79}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= UDP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"UDP Query User{6306EF7A-2EBE-4AF8-8E7E-4C6230885681}c:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= TCP:c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
R1 ElRawDisk;ElRawDisk;\??\c:\windows\system32\drivers\elrawdsk.sys [2008-07-08 12800]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2007-10-16 20496]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-09-12 595824]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-09-12 595824]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB [2008-02-26 29183504]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-01-03 11032]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-25 3666432]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-04-10 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-04-10 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\DRIVERS\SonyImgF.sys [2007-04-10 31104]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-04-23 812544]
S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\DRIVERS\fantom.sys [2006-03-10 39424]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-11-10 33752]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\SONY\Image Converter 3\ICScsiSV.exe [2008-06-05 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;"c:\program files\SONY\Image Converter 3\IcVzMonLauncher.exe" [2008-06-05 67760]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\SONY\VAIO Media Integrated Server\UCLS.exe [2008-06-05 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"c:\program files\SONY\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\SONY\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2008-06-05 1089536]
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Tâches planifiées'
2008-12-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-12-01 09:38]
2008-12-09 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Utilisateur.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
mWindow Title =
uInternet Settings,ProxyOverride = localhost
IE: Ajouter à Kaspersky Anti-Bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Crawler Search
IE: E&xporter vers Microsoft Excel
c:\windows\Downloaded Program Files\InstallerControl.dll - O16 -: CabBuilder
hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
c:\windows\Downloaded Program Files\oscan81.ocx_x - c:\windows\bdoscandellang.ini
c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.zebulon.fr/scan8/oscan8.cab
FireFox -: Profile - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\aa5mgm6z.default\
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\aa5mgm6z.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll
.
.
------- Associations de fichier -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 16:43:29
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(864)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\windows\system32\WS2_32.dll
- - - - - - - > 'lsass.exe'(644)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
.
Heure de fin: 2008-12-10 16:45:53
ComboFix-quarantined-files.txt 2008-12-10 21:45:47
Avant-CF: 126 369 570 816 octets libres
Après-CF: 126,330,503,168 octets libres
283 --- E O F --- 2008-12-08 19:56:10
Mario Robot
Messages postés
115
Date d'inscription
samedi 7 juillet 2007
Statut
Membre
Dernière intervention
23 mars 2017
6
12 déc. 2008 à 03:44
12 déc. 2008 à 03:44
Salut
Dans la quarantaine dans Qoobox il y a des fichier .exe.vir . C'est tu des virus?
Dans la quarantaine dans Qoobox il y a des fichier .exe.vir . C'est tu des virus?
Mario Robot
Messages postés
115
Date d'inscription
samedi 7 juillet 2007
Statut
Membre
Dernière intervention
23 mars 2017
6
9 févr. 2009 à 01:52
9 févr. 2009 à 01:52
Salut
La patition caché qui a l'installateur de vista peut tu être infecter?
Merci
La patition caché qui a l'installateur de vista peut tu être infecter?
Merci
29 sept. 2008 à 19:25
fait 1 NOUVEAU scan hijackthis stp
a+
Scan saved at 19:56:26, on 2008-09-28