HijackThis report

Closed
dliardet - 30 August 2008 at 01:45
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 - 30 August 2008 at 14:41
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:44:23, on 30/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) - http://www.eserver.com/downloads/citrix/plugins/activex/wfica.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D17501F3-7F87-4AFA-B7FB-963E8F0152EF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: WinCtrl32 - WinCtrl32.dll (file missing)
O21 - SSODL: jGnnL - {701B4D5E-DAB1-E7F4-5014-331C81A3A981} - C:\WINDOWS\system32\vqa.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: a-squared Free Service a2freeRasAutogusvc (a2freeRasAutogusvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 FontCache3.0.0.0DcomLaunch (FontCache3.0.0.0DcomLaunch) - Unknown owner - C:\WINDOWS\
O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 FontCache3.0.0.0ose (FontCache3.0.0.0ose) - Unknown owner - C:\WINDOWS\
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Google Updater Service gusvcDcomLaunch (gusvcDcomLaunch) - Unknown owner - C:\WINDOWS\
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service de l'iPod iPodNtLmSsp (iPodNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Affichage des messages MessengerNlaAppMgmt (MessengerNlaAppMgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: NLA (Network Location Awareness) NlaAppMgmt (NlaAppMgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: NLA (Network Location Awareness) Nlaidsvc (Nlaidsvc) - Unknown owner - C:\WINDOWS\
O23 - Service: NLA (Network Location Awareness) Nlaidsvc Nlaidsvcupnphost (Nlaidsvcupnphost) - Unknown owner - C:\WINDOWS\
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de connexion automatique d'accès distant RasAutogusvc (RasAutogusvc) - Unknown owner - C:\WINDOWS\
O23 - Service: Gestionnaire de connexion automatique d'accès distant RasAutoPolicyAgent (RasAutoPolicyAgent) - Unknown owner - C:\WINDOWS\
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance RDSessMgrAlerter (RDSessMgrAlerter) - Unknown owner - C:\WINDOWS\
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance RDSessMgrAlerter RDSessMgrAlerterRasMan (RDSessMgrAlerterRasMan) - Unknown owner - C:\WINDOWS\
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance RDSessMgrdmserver (RDSessMgrdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Appel de procédure distante (RPC) RpcSsCryptSvc (RpcSsCryptSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: QoS RSVP RSVPGoogleDesktopManager (RSVPGoogleDesktopManager) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Téléphonie TapiSrvMSDTC (TapiSrvMSDTC) - Unknown owner - C:\WINDOWS\
O23 - Service: Service Messenger Sharing Folders USN Journal Reader usnjsvcclr_optimization_v2.0.50727_32 (usnjsvcclr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\
O23 - Service: Windows Driver Foundation - User-mode Driver Framework WudfSvcNla (WudfSvcNla) - Unknown owner - C:\WINDOWS\

2 replies

Download ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double-click combofix.exe.
-> Press the 1 key (Yes) to start the scan.
-> When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Before using ComboFix:

-> Disconnect from the internet and close the windows of all running programs.

-> Temporarily disable, and only for the time ComboFix is in use, the real-time protection of your antivirus and antispyware tools, which can severely interfere with the tool's scanning and cleaning procedure.

Once that is done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message so that the program starts scanning the PC.

- Warning: during this step, do not use the PC and do not open any programs; this risks freezing the computer.

- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection/search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved to C:\Combofix.txt.

-> Re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.

-> Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.

/!\ Do not touch anything until the scan has finished. /!\ : risk of freezing the computer (complete crash)

::If ComboFix asks to update, refuse
::If ComboFix detects something and asks to restart, accept
benurrr Posts 9643 Registration date Saturday 24 May 2008 Status Security contributor Last activity 11 January 2012 107
30 August 2008 at 10:42
Hi to you all, posting to follow.
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536 > benurrr Posts 9643 Registration date Saturday 24 May 2008 Status Security contributor Last activity 11 January 2012
30 August 2008 at 14:41
Hello,

posting to follow as well.
ComboFix 08-08-29.02 - David Liardet 2008-08-30 2:28:56.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1537 [GMT 2:00]
Endroit: C:\Documents and Settings\David Liardet\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\David Liardet\Application Data\rhctm7j0en2p
C:\Documents and Settings\Lili Dos Santos\Cookies\lili_dos_santos@ehg-swisscom.hitbox[2].txt
C:\Program Files\GamesBar\oberontb.dll
C:\WINDOWS\system32\blphcpm7j0en2p.scr
C:\WINDOWS\system32\phcpm7j0en2p.bmp
C:\WINDOWS\SYSTEM32\VEdLTvut.ini
C:\WINDOWS\SYSTEM32\VEdLTvut.ini2

.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-30 ))))))))))))))))))))))))))))))))))))
.

2008-08-28 15:27 . 2008-08-28 15:39 96,976 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klin.dat
2008-08-28 15:27 . 2008-08-28 15:39 87,855 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klick.dat
2008-08-28 15:26 . 2008-08-28 15:26 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-08-28 15:26 . 2008-08-30 13:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-28 15:26 . 2008-08-30 06:59 3,368,992 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox.dat
2008-08-28 15:26 . 2008-08-30 06:59 507,936 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox2.dat
2008-08-28 15:26 . 2008-08-30 06:59 27,400 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox.idx
2008-08-28 15:26 . 2008-08-30 06:59 2,816 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox2.idx
2008-08-26 15:22 . 2008-08-26 15:22 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-08-26 15:22 . 2008-08-26 15:22 <REP> d-------- C:\Documents and Settings\David Liardet\Application Data\Malwarebytes
2008-08-26 15:12 . 2008-08-26 15:22 <REP> d-------- C:\WINDOWS\LastGood(2)
2008-08-23 15:24 . 2008-08-30 13:15 <REP> d-------- C:\Documents and Settings\David Liardet\Application Data\OpenOffice.org2
2008-08-23 15:18 . 2008-08-23 15:18 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-08-23 12:49 . 2008-08-26 15:22 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-08-23 12:49 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys
2008-08-23 12:49 . 2008-08-23 12:49 0 --a------ C:\WINDOWS\nsreg.dat
2008-08-22 23:23 . 2008-08-26 15:22 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-22 23:23 . 2008-08-22 23:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-22 23:23 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-08-22 23:23 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
2008-08-22 23:08 . 2008-08-22 23:08 <REP> d-------- C:\Program Files\Trend Micro
2008-08-21 20:22 . 2008-08-28 12:46 <REP> d-------- C:\Program Files\a-squared Free
2008-08-17 19:00 . 2008-08-28 12:08 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-17 19:00 . 2008-08-28 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-17 18:21 . 2008-08-17 18:21 32 --a-s---- C:\WINDOWS\SYSTEM32\3897972993.dat
2008-08-17 18:17 . 2008-08-23 12:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-17 18:17 . 2008-08-17 18:17 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-16 11:04 . 2008-08-28 13:10 <REP> d-------- C:\Program Files\Yahoo!
2008-07-16 11:04 . 2008-07-16 11:04 <REP> d-------- C:\Program Files\CCleaner
2008-07-16 10:50 . 2005-05-23 13:00 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-07-16 10:50 . 2005-05-23 13:00 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-07-16 10:50 . 2005-05-23 13:00 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-07-16 10:50 . 2005-05-23 13:00 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-07-16 10:50 . 2005-05-23 13:00 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-07-16 10:50 . 2005-05-23 13:00 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-07-16 10:50 . 2005-05-23 13:00 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-07-16 10:50 . 2007-08-16 18:21 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Teleca
2008-07-16 10:50 . 2007-08-16 18:21 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sony Ericsson
2008-07-16 10:50 . 2005-05-23 13:29 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sonic
2008-07-16 10:50 . 2007-07-08 14:28 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Desperate Housewives
2008-07-16 10:50 . 2008-08-26 15:25 <REP> d-------- C:\Documents and Settings\Administrateur

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 00:29 --------- d-----w C:\Program Files\GamesBar
2008-08-28 18:13 --------- d-----w C:\Documents and Settings\Lili Dos Santos\Application Data\Skype
2008-08-28 13:39 58,368 ----a-w C:\WINDOWS\SYSTEM32\spoolsv.exe
2008-08-28 13:39 509,952 ----a-w C:\WINDOWS\SYSTEM32\winlogon.exe
2008-08-28 13:39 16,896 ----a-w C:\WINDOWS\SYSTEM32\svchost.exe
2008-08-28 13:39 14,336 ----a-w C:\WINDOWS\SYSTEM32\lsass.exe
2008-08-28 13:39 110,080 ----a-w C:\WINDOWS\SYSTEM32\services.exe
2008-08-28 13:39 1,039,360 ----a-w C:\WINDOWS\explorer.exe
2008-08-28 11:06 --------- d-----w C:\Program Files\Gamenext
2008-08-26 13:24 --------- d-----w C:\Program Files\World of Warcraft (privé)
2008-08-25 13:18 --------- d-----w C:\Program Files\World of Warcraft
2008-08-23 13:17 --------- d-----w C:\Program Files\Java
2008-08-23 10:51 --------- d-----w C:\Program Files\Nokia
2008-08-23 10:51 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-08-23 10:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-08-18 14:58 --------- d-----w C:\Documents and Settings\Lili Dos Santos\Application Data\scrfunkamok
2008-08-18 14:52 --------- d-----w C:\Documents and Settings\David Liardet\Application Data\scrfunkamok
2008-08-18 14:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO
2008-08-17 17:44 --------- d-----w C:\Program Files\BearShare
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\SYSTEM32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\SYSTEM32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\SYSTEM32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\SYSTEM32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\SYSTEM32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\SYSTEM32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\SYSTEM32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\SYSTEM32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\SYSTEM32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\SYSTEM32\muweb.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\SYSTEM32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\SYSTEM32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mscms.dll
2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-06-23 09:21 625,664 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\SYSTEM32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2008-05-08 12:28 202,752 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\rmcast.sys
2008-05-07 05:38 90,624 ----a-w C:\WINDOWS\SYSTEM32\nmwcdcls.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2008-05-01 14:31 331,776 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msadce.dll
.

------- Sigcheck -------

2008-08-28 15:39 16896 a8fb150e88a67da58410b7e28ad52e8c C:\WINDOWS\SYSTEM32\svchost.exe

2005-05-25 21:07 359936 63fdfea54eb53de2d863ee454937ce1e C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
2006-01-13 19:07 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2004-08-05 13:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
2005-05-25 21:04 359808 88763a98a4c26c409741b4aa162720c9 C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
2006-01-13 04:28 359808 583e063fdc888ca30d05c2724b0d7ef4 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
2008-06-20 12:45 360320 1cc09561e21a48a7f649a40f18235860 C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2008-06-20 12:45 360320 1cc09561e21a48a7f649a40f18235860 C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys

2008-08-28 15:39 509952 68f89dcb80b45660aee06bf1fe353b49 C:\WINDOWS\SYSTEM32\winlogon.exe

md5deep: C:\WINDOWS\explorer.exe: error at offset 0: Permission denied
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-05 13:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

2008-08-28 15:39 110080 e063b61a9466b0cf8a3a68316bd85877 C:\WINDOWS\SYSTEM32\services.exe

2008-08-28 15:39 14336 0c4a26a14d5812484d8a3c834bbd47ab C:\WINDOWS\SYSTEM32\lsass.exe

2005-06-11 02:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2004-08-05 13:00 57856 b4ef928e4fad79364a80acba6d999934 C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
2008-08-28 15:39 58368 3513a57ec257df60f641d20031acb383 C:\WINDOWS\SYSTEM32\spoolsv.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-26 23:29 36864]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-01 17:41 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 15:42 1404928]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 13:52 339968]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 21:12 221184]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 17:54 57344]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 02:05 127035]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02 86016]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 04:19 69632]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"D-Link AirPlus XtremeG"="C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe" [2005-03-28 15:25 1011712]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 18:49 49152]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 10:46 497200]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 11:34 614960]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-06-26 11:33 243248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-05-26 12:45 257088]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-13 21:53 1838592]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-04-25 18:21 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispScrSavPage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"jGnnL"= {701B4D5E-DAB1-E7F4-5014-331C81A3A981} - C:\WINDOWS\system32\vqa.dll [2007-04-16 17:53 32768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winbb65.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winet18.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winff25.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wingg00.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winhv06.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winii23.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winkd16.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winli76.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wintw03.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winus13.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winwj78.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HD Publishing\\Joint Task Force\\jtf.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"C:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"=
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R2 LF30FS;LF30FS;C:\Program Files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [2004-11-19 19:07]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 20:07]
S0 Winbb65;Winbb65;C:\WINDOWS\system32\Drivers\Winbb65.sys []
S0 Winet18;Winet18;C:\WINDOWS\system32\Drivers\Winet18.sys []
S0 Winff25;Winff25;C:\WINDOWS\system32\Drivers\Winff25.sys []
S0 Wingg00;Wingg00;C:\WINDOWS\system32\Drivers\Wingg00.sys []
S0 Winhv06;Winhv06;C:\WINDOWS\system32\Drivers\Winhv06.sys []
S0 Winii23;Winii23;C:\WINDOWS\system32\Drivers\Winii23.sys []
S0 Winkd16;Winkd16;C:\WINDOWS\system32\Drivers\Winkd16.sys []
S0 Winli76;Winli76;C:\WINDOWS\system32\Drivers\Winli76.sys []
S0 Wintw03;Wintw03;C:\WINDOWS\system32\Drivers\Wintw03.sys []
S0 Winus13;Winus13;C:\WINDOWS\system32\Drivers\Winus13.sys []
S0 Winwj78;Winwj78;C:\WINDOWS\system32\Drivers\Winwj78.sys []
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2005-03-22 04:17]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 15:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 15:17]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0220ff4-4ef4-11db-a566-00123f30285f}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

2008-07-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 18:13]

2005-06-29 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1117227390.job
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2002-06-27 01:46]

2008-08-29 C:\WINDOWS\Tasks\User_Feed_Synchronization-{BBAB188B-CE11-4665-A1AD-6E8635453E7F}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Nokia.PCSync - C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
HKLM-Run-LFAgent - (no file)
Notify-WinCtrl32 - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\David Liardet\Application Data\Mozilla\Firefox\Profiles\ha6mbk7c.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.ch/
FF -: plugin - C:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-30 13:11:50
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\a2freeRasAutogusvc]
"ImagePath"="ð%€|\18Ï\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FontCache3.0.0.0DcomLaunch]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FontCache3.0.0.0ose]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gusvcDcomLaunch]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iPodNtLmSsp]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MessengerNlaAppMgmt]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaAppMgmt]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nlaidsvc]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nlaidsvcupnphost]
"ImagePath"="ð%€|ÀÍ\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAutogusvc]
"ImagePath"="ð%€|¨Í\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAutoPolicyAgent]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgrAlerter]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgrAlerterRasMan]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgrdmserver]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSsCryptSvc]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVPGoogleDesktopManager]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrvMSDTC]
"ImagePath"="ð%€|x\[u]0[/u]1\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usnjsvcclr_optimization_v2.0.50727_32]
"ImagePath"="ð%€|XÍ\[u]0[/u]9 srv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvcNla]
"ImagePath"="ð%€|¨Í\[u]0[/u]9 srv"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
C:\WINDOWS\SYSTEM32\IMAPI.EXE
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-30 13:19:54 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-30 11:19:41

Pre-Run: 86,592,061,440 octets libres
Post-Run: 87,004,753,920 octets libres

344 --- E O F --- 2008-08-29 23:04:06