maxbat
-
Compteur de contenus
22 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par maxbat
-
C'était le port 137. Je suis derrière une Livebox Mini en DMZ qur mon PC (seul moyen trouvé d'ouvrir les ports pour des logiciels d'échange en attendant une mise à jour du firmware attendue par tous). Après quelques test, il est nécessaire que "system" et "svchost.exe" aient une règle en "Allow Ip Out From Any To Ip Any Where Protocol Is Any" pour que mon PC puisse se connecter automatiquement à internet au démarrage, sinon il ne trouve pas d'adresse IP de ma Livebox. De plus, il semble que "system", "svchost.exe" et "explorer.exe" aient des règles du type "Allow TCP (ou UDP ou Ip) From "Nom de mon réseau" To "Nom de mon réseau" Where Protocol And Port Is Any" Voilà j'espère avoir été assez clair (je peux faire des captures d'écran si nécessaire). Dites-moi ce que vous en pensez... Merci.
-
le problème que j'ai remarqué pour le processus "system", c'est que si je le bloque ou le mets en "outgoing only", je n'arrive depuis mon PC à accéder à mon réseau maison. Si je l'autorise par contre, le test de sécurité de Zebulon m'indique que le port est ouvert. Peut-on laisser ce processus me permettre d'accéder a mon réseau personnel seulement ? Merci encore.
-
Alors que dois-je faire ? les laisser en "outgoing only" est -elle une bonne solution ? Merci encore.
-
Bonjour, J'utilise le pare feu Comodo mais de temps en temps, il me demande si je dois accepter que les processus "system", "svchost" ou "spoolsv" se connectent à internet ou recoivent des connexion par internet... Ils veulent apparemment ouvrir des ports TCP ou UDP. Je sais que ce sont des services de Windows (j'ai XP Home) et que svchost en gère de nombreux mais pourquoi veulent-ils se connecter ? Dois-je accpeter, refuser, créer une règle spécifique pour ce genre de processus sans que cela ne me gène dans mon réseau ou ma connexion...? Je les ai mis en attendant en "outgoing only" je ne sais pas du tout si c'est le mieux... Merci d'avance.
-
Quel parefeu avec antivir et malwarebyte ?
maxbat a répondu à un(e) sujet de scwal69 dans Sécurisation, prévention
J'utilise Comodo avec Antivir free et Malwarebyte free. J'en suis très content, il a l'air très performant, en anglais mais très facile d'accès. -
Bonjour, Récemment, Comodo m'a fait montrer que le fichier slvhost.exe contenu apparemment dans Windows/System 32 a voulu modifier de nombreuses choses sur mon pc (registre etc...). Le problème, c'est que je n'arrive pas à trouver ce fichier même en affichant les fichiers cachés du system 32... . Ensuite, j'ai eu plusieurs infections que j'ai tenté d'enlever comme par exemple la suppresiion du service mises à jour que j'ai remis avec Dial a fix. JE ne trouve aucunes informations sur ce fichier sur internet et mes antivirus ne le repèrent apparemment pas. Je l'ai mis en quarantaine dans Comodo Defense +. Je vous demande votre aide pour savoir si je suis toujours infecté, Antivir m'avait aussi repéré des chevaux de troie a la suite de cela...). Voici mon Hijackthis et que puis-je faire de ce fichier ou d'autres qu'il aurait crée...(j'espère que je les ai tous supprimés...) . Merci beaucoup. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:36:51 - Maxbat, on 17/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 10407 bytes
-
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Voici le dernier rapport (j'espère ). Pourrais tu me donner quelques conseils pour que cela ne m'arrive plus ? Merci encore pour tout !!!!!!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:13:06, on 10/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Windows Defender User Interface] C:\Program Files\Windows Defender\MSASCui.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 10636 bytes -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Voici le résultat du test : Fichier virus2.com reçu le 2008.09.10 16:57:06 (CET) Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.9.6.0 2008.09.10 EICAR_Test_File AntiVir 7.8.1.28 2008.09.10 Eicar-Test-Signature Authentium 5.1.0.4 2008.09.10 EICAR_Test_File Avast 4.8.1195.0 2008.09.10 EICAR Test-NOT virus!! AVG 8.0.0.161 2008.09.10 EICAR_Test BitDefender 7.2 2008.09.10 EICAR-Test-File (not a virus) CAT-QuickHeal 9.50 2008.09.10 EICAR Test File ClamAV 0.93.1 2008.09.10 Eicar-Test-Signature DrWeb 4.44.0.09170 2008.09.10 EICAR Test File (NOT a Virus!) eSafe 7.0.17.0 2008.09.10 EICAR Test File eTrust-Vet 31.6.6082 2008.09.10 the EICAR test string Ewido 4.0 2008.09.10 Not-A-Virus.Test.Eicar F-Prot 4.4.4.56 2008.09.09 EICAR_Test_File F-Secure 8.0.14332.0 2008.09.10 EICAR-Test-File Fortinet 3.112.0.0 2008.09.10 EICAR_TEST_FILE GData 19 2008.09.10 EICAR-Test-File Ikarus T3.1.1.34.0 2008.09.10 EICAR-ANTIVIRUS-TESTFILE K7AntiVirus 7.10.450 2008.09.10 Eicar-Test-File Kaspersky 7.0.0.125 2008.09.10 EICAR-Test-File McAfee 5380 2008.09.09 EICAR test file Microsoft 1.3903 2008.09.10 Virus:DOS/EICAR_Test_File NOD32v2 3429 2008.09.09 Eicar test file Norman 5.80.02 2008.09.10 EICAR_Test_file_not_a_virus! Panda 9.0.0.4 2008.09.09 EICAR-AV-TEST-FILE PCTools 4.4.2.0 2008.09.10 EICAR_test_file Prevx1 V2 2008.09.10 Test Virus Rising 20.61.22.00 2008.09.10 EICAR-Test-File Sophos 4.33.0 2008.09.10 EICAR-AV-Test Sunbelt 3.1.1616.1 2008.09.09 EICAR (v) Symantec 10 2008.09.10 EICAR Test String TheHacker 6.3.0.9.077 2008.09.10 EICAR_Test_File TrendMicro 8.700.0.1004 2008.09.10 Eicar_test_file VBA32 3.12.8.5 2008.09.10 EICAR-Test-File ViRobot 2008.9.10.1371 2008.09.10 EICAR-test VirusBuster 4.5.11.0 2008.09.10 EICAR_test_file Webwasher-Gateway 6.6.2 2008.09.10 Virus.Eicar-Test-Signature Information additionnelle File size: 68 bytes MD5...: 44d88612fea8a8f36de82e1278abb02f SHA1..: 3395856ce81f2b7382dee72602f798b642f14140 SHA256: 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f SHA512: cc805d5fab1fd71a4ab352a9c533e65fb2d5b885518f4e565e68847223b8e6b8<br>5cb48f3afad842726d99239c9e36505c64b0dc9a061d9e507d833277ada336ab PEiD..: - TrID..: File type identification<br>Unknown! PEInfo: - Prevx info: http://info.prevx.com/aboutprogramtext.asp...82E120078ABB02F Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.9.6.0 2008.09.10 EICAR_Test_File AntiVir 7.8.1.28 2008.09.10 Eicar-Test-Signature Authentium 5.1.0.4 2008.09.10 EICAR_Test_File Avast 4.8.1195.0 2008.09.10 EICAR Test-NOT virus!! AVG 8.0.0.161 2008.09.10 EICAR_Test BitDefender 7.2 2008.09.10 EICAR-Test-File (not a virus) CAT-QuickHeal 9.50 2008.09.10 EICAR Test File ClamAV 0.93.1 2008.09.10 Eicar-Test-Signature DrWeb 4.44.0.09170 2008.09.10 EICAR Test File (NOT a Virus!) eSafe 7.0.17.0 2008.09.10 EICAR Test File eTrust-Vet 31.6.6082 2008.09.10 the EICAR test string Ewido 4.0 2008.09.10 Not-A-Virus.Test.Eicar F-Prot 4.4.4.56 2008.09.09 EICAR_Test_File F-Secure 8.0.14332.0 2008.09.10 EICAR-Test-File Fortinet 3.112.0.0 2008.09.10 EICAR_TEST_FILE GData 19 2008.09.10 EICAR-Test-File Ikarus T3.1.1.34.0 2008.09.10 EICAR-ANTIVIRUS-TESTFILE K7AntiVirus 7.10.450 2008.09.10 Eicar-Test-File Kaspersky 7.0.0.125 2008.09.10 EICAR-Test-File McAfee 5380 2008.09.09 EICAR test file Microsoft 1.3903 2008.09.10 Virus:DOS/EICAR_Test_File NOD32v2 3429 2008.09.09 Eicar test file Norman 5.80.02 2008.09.10 EICAR_Test_file_not_a_virus! Panda 9.0.0.4 2008.09.09 EICAR-AV-TEST-FILE PCTools 4.4.2.0 2008.09.10 EICAR_test_file Prevx1 V2 2008.09.10 Test Virus Rising 20.61.22.00 2008.09.10 EICAR-Test-File Sophos 4.33.0 2008.09.10 EICAR-AV-Test Sunbelt 3.1.1616.1 2008.09.09 EICAR (v) Symantec 10 2008.09.10 EICAR Test String TheHacker 6.3.0.9.077 2008.09.10 EICAR_Test_File TrendMicro 8.700.0.1004 2008.09.10 Eicar_test_file VBA32 3.12.8.5 2008.09.10 EICAR-Test-File ViRobot 2008.9.10.1371 2008.09.10 EICAR-test VirusBuster 4.5.11.0 2008.09.10 EICAR_test_file Webwasher-Gateway 6.6.2 2008.09.10 Virus.Eicar-Test-Signature Information additionnelle File size: 68 bytes MD5...: 44d88612fea8a8f36de82e1278abb02f SHA1..: 3395856ce81f2b7382dee72602f798b642f14140 SHA256: 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f SHA512: cc805d5fab1fd71a4ab352a9c533e65fb2d5b885518f4e565e68847223b8e6b8<br>5cb48f3afad842726d99239c9e36505c64b0dc9a061d9e507d833277ada336ab PEiD..: - TrID..: File type identification<br>Unknown! PEInfo: - Prevx info: http://info.prevx.com/aboutprogramtext.asp...82E120078ABB02F Qu'est ce que ce fichier ? -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Il semblerait que cela ait merveilleusement bien marché !!! Le fichier routercontrol n'apparait enfin plus au démarrage, mes accents circonflexes et trémas sont revenus (êîôû ï...!!!) et ma connexion wifi semble avoir retrouvée tout son potentiel ! Cependant comment ais-je pu attrapper ce rootkit, j'ai remplacé avast par antivir (version française que j'ai trouvé), j'utilise windows defender, firefox et le pare feu livebox + xp sp2. Que me conseillerais tu pour que cela ne m'arrive plus ? Encore merci vraiment bravo !!! Voici le rapport de Combofix : ComboFix 08-09-05.14 - Maxime 2008-09-10 16:20:05.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.603 [GMT 2:00] Endroit: C:\Documents and Settings\Maxime\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Maxime\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML C:\WINDOWS\system32\_000003_.tmp.dll C:\WINDOWS\system32\_000005_.tmp.dll C:\WINDOWS\system32\_000006_.tmp.dll C:\WINDOWS\system32\_000007_.tmp.dll C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\_000009_.tmp.dll C:\WINDOWS\system32\_000010_.tmp.dll C:\WINDOWS\system32\_000011_.tmp.dll C:\WINDOWS\system32\_000012_.tmp.dll C:\WINDOWS\system32\_000019_.tmp.dll D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_6TO4 -------\Service_6to4 ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-08-10 to 2008-09-10 )))))))))))))))))))))))))))))))))))) . 2008-09-10 15:44 . 2008-09-10 16:06 250 --a------ C:\WINDOWS\gmer.ini 2008-09-10 14:42 . 2008-09-10 14:42 68 --a------ C:\WINDOWS\system32\virus2.com 2008-09-10 14:07 . 2008-09-10 14:07 <REP> d-------- C:\Program Files\Avira 2008-09-10 14:07 . 2008-09-10 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-09-09 17:12 . 2008-09-09 17:12 <REP> d-------- C:\rsit 2008-09-08 20:26 . 2008-09-08 20:26 <REP> d-------- C:\Program Files\ConvertHelper 2008-09-07 17:02 . 2008-09-07 17:02 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf 2008-09-07 17:01 . 2007-06-08 14:46 1,560,576 --a------ C:\WINDOWS\system32\BttnCmns_64.dll 2008-09-07 17:01 . 2006-06-30 06:46 1,560,576 --a------ C:\WINDOWS\system32\BttnCmns.dll 2008-09-07 17:01 . 2007-06-18 17:12 16,768 --a------ C:\WINDOWS\system32\drivers\HpqKbFiltr.sys 2008-09-07 14:37 . 2008-09-07 14:37 <REP> d-------- C:\Program Files\Trend Micro 2008-09-07 11:27 . 2008-09-07 11:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-09-07 11:27 . 2008-09-07 11:27 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\Malwarebytes 2008-09-07 11:27 . 2008-09-07 11:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-09-07 11:27 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-09-07 11:27 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-09-06 14:25 . 2008-09-06 14:27 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\SPORE 2008-09-06 14:08 . 2008-09-06 14:08 <REP> d-------- C:\Program Files\Electronic Arts 2008-09-03 17:11 . 2008-03-16 14:30 216,064 -r-hs---- C:\WINDOWS\system32\nbDX.dll 2008-09-03 17:11 . 2006-03-10 22:48 169,472 -r-hs---- C:\WINDOWS\system32\MatroskaDX.ax 2008-09-03 17:11 . 2005-11-25 21:46 161,792 -r-hs---- C:\WINDOWS\system32\RealMediaDX.ax 2008-09-03 17:11 . 2003-11-21 00:00 54,784 -r-hs---- C:\WINDOWS\system32\RLAPEDec.ax 2008-09-03 17:11 . 2004-04-27 00:00 37,888 -r-hs---- C:\WINDOWS\system32\RLMPCDec.ax 2008-09-03 17:11 . 2007-02-21 12:47 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll 2008-09-03 17:10 . 2006-05-03 11:06 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll 2008-09-03 17:10 . 2006-01-13 00:23 123,904 -r-hs---- C:\WINDOWS\system32\AVCDX.ax 2008-09-03 17:09 . 2008-09-03 17:09 <REP> d-------- C:\Program Files\eRightSoft 2008-09-01 18:38 . 2008-09-08 20:21 <REP> d-------- C:\Program Files\Free Music Zilla 2008-09-01 15:47 . 2008-09-01 17:04 <REP> d-------- C:\Program Files\Free Download Manager 2008-08-28 19:05 . 2008-08-28 19:06 <REP> d-------- C:\Program Files\VisualTaskTips 2008-08-27 16:04 . 2008-08-27 21:51 <REP> d-------- C:\Program Files\UltraISO 2008-08-26 11:46 . 2008-09-10 13:28 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-08-26 11:46 . 2008-08-26 11:46 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-08-26 11:46 . 2008-08-26 11:46 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf 2008-08-24 23:09 . 2006-11-02 07:09 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll 2008-08-24 23:09 . 2008-08-24 23:09 21,672 --a------ C:\WINDOWS\system32\drivers\ggsemc.sys 2008-08-24 23:09 . 2008-08-24 23:09 13,352 --a------ C:\WINDOWS\system32\drivers\ggflt.sys 2008-08-24 23:07 . 2008-08-24 23:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-08-24 23:06 . 2008-08-24 23:06 <REP> d-------- C:\Program Files\Sony Ericsson 2008-08-23 16:33 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL 2008-08-23 14:48 . 2008-09-03 17:36 <REP> d-------- C:\Program Files\Shape Viewer 2008-08-22 22:52 . 2008-08-22 22:52 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Intel 2008-08-22 22:52 . 2008-08-22 22:52 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Intel 2008-08-22 22:52 . 2008-06-26 06:15 3,630,080 --a------ C:\WINDOWS\system32\drivers\NETw5x32.sys 2008-08-22 22:52 . 2008-04-18 16:09 2,756,608 --a------ C:\WINDOWS\system32\NETw5r32.dll 2008-08-22 22:52 . 2008-04-18 16:08 659,456 --a------ C:\WINDOWS\system32\NETw5c32.dll 2008-08-22 22:51 . 2008-08-22 22:51 <REP> d-------- C:\Program Files\Fichiers communs\Intel 2008-08-22 22:48 . 2008-08-22 22:48 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\Intel 2008-08-22 22:48 . 2008-08-22 22:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Intel 2008-08-21 21:52 . 2008-08-21 21:52 38 --a------ C:\WINDOWS\avisplitter.INI 2008-08-18 17:20 . 2008-08-18 17:20 158 --a------ C:\WINDOWS\TSDataEx.ini 2008-08-14 16:44 . 2008-08-15 07:43 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\La Bataille pour la Terre du Milieu 2008-08-14 16:32 . 2008-08-14 16:32 <REP> d-------- C:\Program Files\EA GAMES 2008-08-14 12:09 . 2008-08-14 12:09 <REP> d-------- C:\Program Files\JkDefragGUI 2008-08-14 11:40 . 2008-08-14 11:40 <REP> d-------- C:\Program Files\PROnetworks 2008-08-13 15:45 . 2008-05-01 16:36 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll 2008-08-13 15:39 . 2008-04-11 21:05 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll 2008-08-12 18:24 . 2008-08-12 18:24 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\vlc . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-10 14:25 22,528 ----a-w C:\WINDOWS\system32\drivers\nhcDriver.sys 2008-09-10 14:16 --------- d-----w C:\Documents and Settings\Maxime\Application Data\SiteAdvisor 2008-09-10 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-09-08 19:26 --------- d-----w C:\Program Files\Dictionnaire 2008-09-08 18:32 --------- d-----w C:\Documents and Settings\Maxime\Application Data\uTorrent 2008-09-08 18:09 --------- d-----w C:\Program Files\eChanblard 2008-09-07 19:12 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-09-06 21:00 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-09-06 20:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-09-06 20:40 --------- d-----w C:\Program Files\SpywareBlaster 2008-09-06 12:07 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-03 15:29 --------- d-----w C:\Program Files\Microsoft Games 2008-08-31 18:30 --------- d-----w C:\Documents and Settings\Maxime\Application Data\MyPhoneExplorer 2008-08-31 18:15 --------- d-----w C:\Program Files\Paint.NET 2008-08-29 11:52 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE 2008-08-29 11:52 249,856 ------w C:\WINDOWS\Setup1.exe 2008-08-27 12:41 --------- d-----w C:\Program Files\TuneUp Utilities 2008 2008-08-24 20:58 --------- d-----w C:\Program Files\MyPhoneExplorer 2008-08-22 20:51 --------- d-----w C:\Program Files\Intel 2008-08-22 14:01 --------- d-----w C:\Program Files\ma-config.com 2008-08-22 14:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-08-22 10:25 --------- d-----w C:\Program Files\PicLensIE 2008-08-22 09:41 --------- d-----w C:\Program Files\Windows Live 2008-08-22 09:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-08-17 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania 2008-08-14 14:51 --------- d-----w C:\Documents and Settings\Maxime\Application Data\dvdcss 2008-08-13 20:32 --------- d-----w C:\Program Files\uTorrent 2008-08-12 16:23 --------- d-----w C:\Program Files\VideoLAN 2008-08-11 17:05 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-08-09 13:39 --------- d-----w C:\Documents and Settings\Maxime\Application Data\Stellarium 2008-08-09 13:38 --------- d-----w C:\Program Files\Stellarium 2008-08-05 21:01 --------- d-----w C:\Program Files\BestGameEver 2008-08-03 17:58 --------- d-----w C:\Program Files\DivX 2008-08-03 17:57 --------- d-----w C:\Program Files\Atmosphere Lite 2008-08-03 17:13 --------- d-----w C:\Program Files\Fichiers communs\Nero 2008-08-03 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero 2008-08-03 16:31 --------- d-----w C:\Program Files\Unlocker 2008-08-03 13:20 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-08-03 12:29 --------- d-----w C:\Program Files\iTunes 2008-08-03 12:29 --------- d-----w C:\Program Files\iPod 2008-07-26 09:24 --------- d-----w C:\Program Files\Google 2008-07-20 15:44 324,120 ----a-w C:\WINDOWS\system32\drivers\iaStor.sys 2008-07-18 16:33 --------- d-----w C:\Program Files\Zattoo 2008-07-18 07:02 --------- d-----w C:\Program Files\Anno 1701 2008-07-17 17:10 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-07-16 10:09 --------- d-----w C:\Documents and Settings\Maxime\Application Data\Apple Computer 2008-07-15 16:25 --------- d-----w C:\Documents and Settings\Maxime\Application Data\Orbit 2008-07-10 16:04 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2008-07-10 16:04 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-07-10 15:52 --------- d-----w C:\Program Files\Java 2008-07-10 12:31 --------- d-----w C:\Program Files\NFO viewer 2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll 2008-03-16 12:30 216,064 --sh--r C:\WINDOWS\system32\nbDX.dll 2008-05-07 13:28 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008050720080508\index.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{77D7E795-33C5-4323-974D-A2A49AB75517}] 2008-08-30 12:15 133616 --a----t- C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "NotebookHardwareControl"="C:\Program Files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-15 7561216] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-18 C:\WINDOWS\system32\CHDAudPropShortcut.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "GreyMSIAds"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.I420"= i420vfw.dll "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] --a------ 2008-05-12 15:10 202032 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe "nwiz"=nwiz.exe /installquiet /nodetect "QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" "HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime "NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" "SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe "IntelWireless"="C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray "IntelZeroConfig"="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe" "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\TmNationsForever\\TmForever.exe"= "C:\\Program Files\\Anno 1701\\Anno1701.exe"= "C:\\Program Files\\eChanblard\\emule.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\EA GAMES\\La Bataille pour la Terre du Milieu\\game.dat"= "C:\\Program Files\\Zattoo\\Zattoo.exe"= "C:\\Program Files\\MyPhoneExplorer\\MyPhoneExplorer.exe"= "C:\\Program Files\\Wormux\\wormux.exe"= "C:\\Program Files\\Free Music Zilla\\FMZilla.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R2 Prvflder;Prvflder;C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912] R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ] S3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 getPlus® Helper;getPlus® Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [ ] S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-24 13352] S3 gupdate1c8c1a839fd1f2;Google Update Service (gupdate1c8c1a839fd1f2);C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-30 133104] S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 191656] S3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-06-26 3630080] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-27 355584] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F277B357-CF8F-0B76-A44E-BA96F46162F6}] C:\WINDOWS:rtrcntrl.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' . - - - - ORPHANS REMOVED - - - - HKLM-Run-routercontrol - C:\WINDOWS:rtrcntrl.exe MSConfigStartUp-SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\gygr974b.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - chrome://speeddial/content/speeddial.xul FF -: plugin - C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\gygr974b.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll FF -: plugin - C:\Program Files\Google\Google Earth Plugin\firefox\plugins\npgeplugin.dll FF -: plugin - C:\Program Files\Google\Update\1.2.131.11\npGoogleOneClick5.dll FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.30226.2\npctrl.dll FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.30523.6\npctrl.dll FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.30523.8\npctrl.1.0.30109.0.dll FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.30523.8\npctrl.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll FF -: plugin - C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll FF -: plugin - C:\Program Files\Virtual Earth 3D\npVE3D.dll FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-10 16:25:03 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run routercontrol = C:\WINDOWS:rtrcntrl.exe??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Balayage des fichiers cach‚s ... C:\WINDOWS:rtrcntrl.exe 18944 bytes executable Scan termin‚ avec succŠs Les fichiers cach‚s: 1 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Mozilla Firefox\firefox.exe . ************************************************************************** . Temps d'accomplissement: 2008-09-10 16:30:25 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-10 14:30:21 Pre-Run: 17,093,279,744 octets libres Post-Run: 17,107,734,528 octets libres 286 --- E O F --- 2008-09-10 11:32:43 -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Oui ils se trouvent tous les deux dans le meme dossier... -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Le fichier m'affiche le message suivant : "LoadLibrary "gmer.dll" le module spécifié est introuvable." Ce rootkit pourrait etre à l'origine de mes problèmes d'accents par exemple ? Merci encore... -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Voilà le rapport de GMER. Les fichiers de "My private Folder" sont dans un dossier protégé par mot de passe mais que je connais. Et le fameux fichier "rtrcntrl" apparait bien... GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2008-09-10 15:50:58 Windows 5.1.2600 Service Pack 3 ---- Files - GMER 1.0.14 ---- File C:\Documents and Settings\Maxime\My Private Folder\DSC00062_2.JPG 219276 bytes File C:\Documents and Settings\Maxime\My Private Folder\DSC00062_2.JPG.$e_ 1024 bytes File C:\Documents and Settings\Maxime\My Private Folder\prvflder.dat 512 bytes File C:\Documents and Settings\Maxime\My Private Folder\SMS de Ma Chérie.sms 598 bytes File C:\Documents and Settings\Maxime\My Private Folder\SMS de Ma Chérie.sms.$e_ 1024 bytes File C:\Documents and Settings\Maxime\My Private Folder\SMS de Ma Chérie.txt 334 bytes File C:\Documents and Settings\Maxime\My Private Folder\SMS de Ma Chérie.txt.$e_ 1024 bytes File C:\Documents and Settings\Maxime\My Private Folder\Thumbs.db 97280 bytes File C:\Documents and Settings\Maxime\My Private Folder\Thumbs.db.$e_ 512 bytes File C:\Documents and Settings\Maxime\My Private Folder\Waaa !!!.jpg 6130 bytes File C:\Documents and Settings\Maxime\My Private Folder\Waaa !!!.jpg.$e_ 1024 bytes ADS C:\WINDOWS:rtrcntrl.exe 18944 bytes executable ---- EOF - GMER 1.0.14 ---- -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
En tout cas merci pour le temps que tu m'accordes... Penses-tu que ce qu'on essaye d'enlever soit néfaste ? Je ne savais pas le quel refaire alors voici le premier lib.dat : Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 24E8-EFE4 R‚pertoire de C:\ 26/03/2008 16:06 <REP> Documents and Settings 26/03/2008 16:07 <REP> hp 27/03/2008 18:37 <REP> I386 31/03/2008 20:12 <REP> Intel 10/09/2008 15:23 0 liste1.txt 31/05/2008 20:00 642 Maxbat.lnk 10/09/2008 15:01 <REP> Program Files 09/09/2008 17:12 <REP> rsit 08/09/2008 20:50 <REP> SWSETUP 10/07/2008 14:15 <REP> temp 10/09/2008 15:23 <REP> WINDOWS 2 fichier(s) 642 octets 9 R‚p(s) 17ÿ202ÿ491ÿ392 octets libres Et voici le second : Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" "RecGuard"="C:\\Windows\\SMINST\\RecGuard.exe" "NotebookHardwareControl"="\"C:\\Program Files\\Notebook Hardware Control\\nhc.exe\" -quiet" "IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "routercontrol"="C:\\WINDOWS:rtrcntrl.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" @="" ⴠⴭⴭⴭⴭⴭⴭWindows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" ⴠⴭⴭⴭⴭⴭⴭ -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Non désolé c'est moi qui avait fait une erreur... Voici le premier rapport : Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 24E8-EFE4 R‚pertoire de C:\Documents and Settings\Maxime\Bureau 10/09/2008 15:03 <REP> . 10/09/2008 15:03 <REP> .. 04/09/2008 18:38 2ÿ477 Dicos Encarta.lnk 27/03/2008 18:55 686 Dictionnaires langues.lnk 14/08/2008 15:17 699 eChanblard.lnk 22/08/2008 12:46 1ÿ935 Galerie de photos Windows Live.lnk 10/07/2008 13:58 803 Internet Explorer.lnk 19/08/2008 14:54 2ÿ137 iTunes.lnk 10/09/2008 14:57 121 lib.bat 27/03/2008 18:40 468 Ma musique.lnk 02/09/2008 17:21 2ÿ567 Microsoft Encarta 2008 - tudes DVD.lnk 10/09/2008 13:51 2ÿ467 Microsoft Encarta Maths.lnk 01/09/2008 18:26 2ÿ575 Microsoft Office Word 2007.lnk 14/08/2008 15:07 1ÿ614 Mozilla Firefox.lnk 24/08/2008 22:58 1ÿ742 MyPhoneExplorer.lnk 09/09/2008 17:12 304ÿ189 RSIT.exe 14/08/2008 15:08 1ÿ753 Windows Live Messenger .lnk 26/03/2008 23:56 782 Windows Media Player.lnk 11/08/2008 17:52 1ÿ506 Zattoo.lnk 17 fichier(s) 328ÿ521 octets 2 R‚p(s) 17ÿ203ÿ109ÿ888 octets libres Et voilà le second : Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" "RecGuard"="C:\\Windows\\SMINST\\RecGuard.exe" "NotebookHardwareControl"="\"C:\\Program Files\\Notebook Hardware Control\\nhc.exe\" -quiet" "IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "routercontrol"="C:\\WINDOWS:rtrcntrl.exe" "avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "virus"="C:\\WINDOWS\\system32\\virus2.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" @="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" @="" ⴠⴭⴭⴭⴭⴭⴭWindows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" ⴠⴭⴭⴭⴭⴭⴭ -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Le fichier me lance une analyse spybot ? Est-ce cela que je dois poster ? -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Voici un nouveau rapport... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:50:53, on 10/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Maxime R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [routercontrol] C:\WINDOWS:rtrcntrl.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [virus] C:\WINDOWS\system32\virus2.com O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 11338 bytes -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Ha non mais je te crois totalement. J'ai d'ailleurs changé mon antivirus. Cependant ce démarrage revient toujours meme après l'avoir supprimé. Je ne sais pas si il a rapport avec mes problèmes d'accent ou d'internet wifi... Cependant j'ai remarqué tout ça au meme moment.. -
[Résolu] Troubles divers et logiciels bizarres au démarrage
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Non mais le doublon est du au fait que mon problème était résolu mais il est revenu... mais j'en suis désolé... Et puis j'ai de nouveaux symptomes apparemment avec le wifi. Et pour avast peut importe vu que j'ai analysé mon pc avec Malwarebyte's et spybot qui n'ont rien trouvés... Voici mon RSIT : (merci de s'y intéresser en tout cas ) Logfile of random's system information tool (written by random/random) Run by Maxime at 2008-09-09 17:12:31 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 17 GB (19%) free of 87 GB Total RAM: 1022 MB (49% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:12:48, on 09/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Maxime\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Maxime.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Maxime R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [routercontrol] C:\WINDOWS:rtrcntrl.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 11427 bytes Scheduled tasks folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job C:\WINDOWS\tasks\MP Scheduled Scan.job Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}] IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-03-31 728168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77D7E795-33C5-4323-974D-A2A49AB75517}] Google Update Helper - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll [2008-08-30 133616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-03-31 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-03-31 654320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] C:\Program Files\PicLensIE\PicLens.dll [2008-08-19 3493888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-03-24 352256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-03-31 2436160] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-04-18 61952] "RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008] "NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-15 7561216] "routercontrol"=C:\WINDOWS:rtrcntrl.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-12 202032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\routercontrol] C:\WINDOWS:rtrcntrl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent.exe" "C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever" "C:\Program Files\Anno 1701\Anno1701.exe"="C:\Program Files\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701" "C:\Program Files\eChanblard\emule.exe"="C:\Program Files\eChanblard\emule.exe:*:Enabled:eChanblard" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat:*:Enabled:La Bataille pour la Terre du Milieu" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Zattoo\Zattoo.exe"="C:\Program Files\Zattoo\Zattoo.exe:*:Enabled:Zattoo" "C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer" "C:\Program Files\Wormux\wormux.exe"="C:\Program Files\Wormux\wormux.exe:*:Enabled:Wormux is a convivial mass murder game." "C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla Module" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" File associations .reg - open - regedit.exe "%1" %* .scr - open - "%1" %* List of files/folders created in the last three months 2008-09-09 17:12:31 ----D---- C:\rsit 2008-09-08 20:26:20 ----D---- C:\Program Files\ConvertHelper 2008-09-07 17:01:08 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll 2008-09-07 17:01:07 ----A---- C:\WINDOWS\system32\BttnCmns.dll 2008-09-07 14:37:24 ----D---- C:\Program Files\Trend Micro 2008-09-07 11:27:47 ----D---- C:\Documents and Settings\Maxime\Application Data\Malwarebytes 2008-09-07 11:27:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-09-07 11:27:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-09-06 14:25:54 ----D---- C:\Documents and Settings\Maxime\Application Data\SPORE 2008-09-06 14:08:02 ----D---- C:\Program Files\Electronic Arts 2008-09-03 17:11:00 ----RSH---- C:\WINDOWS\system32\nbDX.dll 2008-09-03 17:11:00 ----RSH---- C:\WINDOWS\system32\msfDX.dll 2008-09-03 17:10:59 ----RSH---- C:\WINDOWS\system32\flvDX.dll 2008-09-03 17:09:03 ----D---- C:\Program Files\eRightSoft 2008-09-01 18:38:36 ----D---- C:\Program Files\Free Music Zilla 2008-09-01 15:47:56 ----D---- C:\Program Files\Free Download Manager 2008-08-28 19:05:10 ----D---- C:\Program Files\VisualTaskTips 2008-08-27 16:04:51 ----D---- C:\Program Files\UltraISO 2008-08-26 11:46:17 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2008-08-24 23:09:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll 2008-08-24 23:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-08-24 23:06:45 ----D---- C:\Program Files\Sony Ericsson 2008-08-23 18:23:15 ----D---- C:\Documents and Settings\Maxime\Application Data\Help 2008-08-23 16:33:13 ----A---- C:\WINDOWS\system32\VB5DB.DLL 2008-08-23 14:48:10 ----D---- C:\Program Files\Shape Viewer 2008-08-22 22:52:31 ----A---- C:\WINDOWS\system32\NETw5r32.dll 2008-08-22 22:52:31 ----A---- C:\WINDOWS\system32\NETw5c32.dll 2008-08-22 22:51:34 ----D---- C:\Program Files\Fichiers communs\Intel 2008-08-22 22:48:31 ----D---- C:\Documents and Settings\All Users\Application Data\Intel 2008-08-22 22:48:28 ----D---- C:\Documents and Settings\Maxime\Application Data\Intel 2008-08-21 21:52:40 ----A---- C:\WINDOWS\avisplitter.INI 2008-08-18 17:20:51 ----A---- C:\WINDOWS\TSDataEx.ini 2008-08-14 16:44:31 ----D---- C:\Documents and Settings\Maxime\Application Data\La Bataille pour la Terre du Milieu 2008-08-14 16:32:16 ----D---- C:\Program Files\EA GAMES 2008-08-14 12:09:05 ----D---- C:\Program Files\JkDefragGUI 2008-08-14 11:40:39 ----D---- C:\Program Files\PROnetworks 2008-08-12 18:24:19 ----D---- C:\Documents and Settings\Maxime\Application Data\vlc 2008-08-09 15:39:30 ----D---- C:\Documents and Settings\Maxime\Application Data\Stellarium 2008-08-09 15:38:09 ----D---- C:\Program Files\Stellarium 2008-08-05 23:01:13 ----D---- C:\Program Files\BestGameEver 2008-08-03 22:36:47 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2008-08-03 22:34:44 ----A---- C:\WINDOWS\system32\nvudisp.exe 2008-08-03 18:46:16 ----A---- C:\WINDOWS\system32\ShellManager310E2D762.dll 2008-08-03 18:31:37 ----D---- C:\Program Files\Unlocker 2008-08-03 18:19:49 ----A---- C:\WINDOWS\Winchat.ini 2008-08-03 15:20:57 ----D---- C:\Program Files\DAEMON Tools Lite 2008-08-03 14:29:23 ----D---- C:\Program Files\iPod 2008-08-03 14:29:16 ----D---- C:\Program Files\iTunes 2008-07-31 02:21:58 ----A---- C:\WINDOWS\system32\icardres.dll.mui 2008-07-29 20:35:46 ----A---- C:\WINDOWS\system32\PresentationHost.exe 2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll 2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationHostProxy.dll 2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\infocardapi.dll 2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardres.dll 2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardagt.exe 2008-07-29 16:05:16 ----A---- C:\WINDOWS\system32\SPort.dll 2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscories.dll 2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscorier.dll 2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscoree.dll 2008-07-25 11:16:46 ----A---- C:\WINDOWS\system32\dfshim.dll 2008-07-16 14:19:01 ----D---- C:\Program Files\uTorrent 2008-07-15 18:21:34 ----D---- C:\Documents and Settings\Maxime\Application Data\Orbit 2008-07-10 20:19:02 ----A---- C:\WINDOWS\system32\NetProvCredMan.dll 2008-07-10 18:04:17 ----D---- C:\Program Files\Fichiers communs\xing shared 2008-07-10 17:52:26 ----A---- C:\WINDOWS\system32\javaws.exe 2008-07-10 17:52:26 ----A---- C:\WINDOWS\system32\javaw.exe 2008-07-10 17:52:26 ----A---- C:\WINDOWS\system32\java.exe 2008-07-10 14:31:16 ----D---- C:\Program Files\NFO viewer 2008-07-08 15:09:41 ----D---- C:\Documents and Settings\Maxime\Application Data\CyberLink 2008-07-08 15:04:22 ----D---- C:\Documents and Settings\Maxime\Application Data\dvdcss 2008-07-08 12:04:26 ----D---- C:\Documents and Settings\Maxime\Application Data\DivX 2008-07-02 11:43:15 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-07-02 11:32:23 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2008-06-27 11:40:33 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2008-06-27 11:40:33 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2008-06-27 11:23:45 ----HD---- C:\WINDOWS\PIF 2008-06-24 14:43:37 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd 2008-06-24 14:41:40 ----D---- C:\Program Files\Fichiers communs\Logishrd 2008-06-24 09:55:51 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2008-06-20 23:41:53 ----D---- C:\Program Files\Anno 1701 2008-06-18 19:52:28 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-06-17 13:39:51 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-06-16 17:21:19 ----D---- C:\Documents and Settings\Maxime\Application Data\FMZilla 2008-06-14 16:57:56 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-14 16:57:35 ----D---- C:\Program Files\SpywareBlaster 2008-06-14 12:37:33 ----D---- C:\Program Files\Armadillo Run 2008-06-13 19:30:38 ----D---- C:\Program Files\QuickTime 2008-06-13 15:28:11 ----D---- C:\Program Files\MSECache 2008-06-13 15:25:21 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage 2008-06-13 11:05:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-06-12 13:15:01 ----A---- C:\WINDOWS\msnfix.txt 2008-06-12 10:05:02 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-06-12 09:59:38 ----D---- C:\WINDOWS\nview 2008-06-12 09:51:37 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania 2008-06-11 21:23:01 ----A---- C:\WINDOWS\system32\nvcuda.dll 2008-06-11 02:07:24 ----A---- C:\WINDOWS\system32\DivXsm.exe 2008-06-11 02:07:20 ----A---- C:\WINDOWS\system32\qt-dx331.dll 2008-06-11 02:04:26 ----A---- C:\WINDOWS\system32\ssldivx.dll 2008-06-11 02:04:26 ----A---- C:\WINDOWS\system32\libdivx.dll 2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest 2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dtu100.dll 2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest 2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dpl100.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpv11.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpus11.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpuGUI11.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpuGUI10.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpu11.dll 2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpu10.dll 2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx11.dll 2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx0c.dll 2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx0a.dll 2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx07.dll 2008-06-11 02:03:18 ----A---- C:\WINDOWS\system32\DivX.dll List of drivers R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-06-20 271360] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-06-20 18048] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672] R2 Prvflder;Prvflder; C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-04-18 11904] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-10-30 329901] R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-10-30 30459] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-11-13 862922] R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-10-30 47875] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-30 67672] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168] R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2007-05-01 630272] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-22 1035008] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-08-22 201600] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NETw4x32;Pilote de carte Intel® Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176] R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-15 3658528] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 SoC PC-Camera Service;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-07-28 136576] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464] S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [] S3 a9qc7kz0;a9qc7kz0; C:\WINDOWS\system32\drivers\a9qc7kz0.sys [] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-10-30 149123] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496] S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-24 13352] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-08-24 21672] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-06-26 3630080] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-03-14 1428480] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\system32\DRIVERS\agp440.sys [] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\system32\DRIVERS\agpCPQ.sys [] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\system32\DRIVERS\alim1541.sys [] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\system32\DRIVERS\amdagp.sys [] S4 cbidf;cbidf; C:\WINDOWS\system32\system32\DRIVERS\cbidf2k.sys [] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\system32\DRIVERS\sisagp.sys [] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\system32\DRIVERS\viaagp.sys [] List of services R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-11-11 266295] R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-07-10 819200] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-07-20 354840] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-15 143427] R2 prfldsvc;Private Folder Service; C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe [2006-04-21 69632] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [2008-07-10 466944] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] S3 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-06-27 611664] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [] S3 gupdate1c8c1a839fd1f2;Google Update Service (gupdate1c8c1a839fd1f2); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-30 133104] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-31 138680] S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192] S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264] S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 191656] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-27 355584] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-07-10 901120] -----------------EOF----------------- -
Bonjour a tous . Depuis peu, mon pc me perd par moment l'accent circonflexe que je ne peux plus utiliser sur les lettre (^^ comme ça oui par contre). Après avoir tout essayé (drivers, virus, langue du clavier qui me l'avait fait revenir puis repartir à nouveau) je ne sais plus quoi faire. De plus, mon pc relié en wifi m'affiche de temps en temps que je suis connecté sur "le nom de mon réseau(non sécurisé)" alors qu'il est bien évidemment tout à fait sécurisé par clé wap. Tout ceci ne m'arrivait pas avant..mais avant quoi... J'ai remarqué un fichier bizarre qui se démarre avec mon pc du nom de "routercontrol" de chemin "C:\WINDOWS:rtrcntrl.exe". Tune up me dit que ce démarrage renvoi vers un emplacement invalide mais quand je le supprime il revient toujours... Je demande donc votre aide ^^. Merci beaucoup ! PS : je n'arrive plus a télécharger sur zebulon, on me demande un login Voici mon rapport Hijackthis si cela peut aider : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:56:59, on 08/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Maxime R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [routercontrol] C:\WINDOWS:rtrcntrl.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 11577 bytes
-
[Résolu] Problème clavier...
maxbat a répondu à un(e) sujet de maxbat dans Analyses et éradication malwares
Je viens de réussir à régler mon problème avec les langues de claviers. @+ -
Depuis quelques temps (je ne sais pas vraiment combien de temps mais je viens juste de m'en apercevoir), je ne peux plus mettre d'accent circonflexe ou de tréma sur des lettres. J'ai un ordinateur portable et ce problème apparait sur le clavier de ce pc, un autre branché en usb et meme le clavier visuel de windows xp. J'ai vu sur des forums un problème existant de ce type mais chez eux, le problème faisait apparaitre 2 accents circonflexes avant la lettre en question du type ^^e alors que pour moi, ces accents ne marchent par sur les lettre mais seuls oui (^^). Quand je tape "la touche accent circonflexe" puis le e ensuite, un "e" apparait seul, sans accent... J'ai pris le e comme exemple mais le problème y est sur les autres lettres comme le i par exemple. J'ai effectué des analyses avec Spybot et Malwarebyte's mais toujours rien... J'utilise avast comme anti-virus et windows defender. je n'ai jamais eu de problèmes auparavant. J'ai tenté de désinstallé les pilotes des claviers mais le problème réside encore... Je vous transmet mon rapport Hijackthis si cela peut vous etre utile (j'ai repérer un programme inconnu qui se lance au démarrage du nom de "routercontrol" que je n'avais jamais vu mais impossible de le supprimer il revient tout le temps. Je ne sais pas si il y a un rapport...). D'avance merci beaucoup ! ________________________________________________________________________________ __________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:57:30, on 07/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Maxime R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [routercontrol] C:\WINDOWS:rtrcntrl.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1214757344578 O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: getPlus® Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing) O23 - Service: Google Update Service (gupdate1c8c1a839fd1f2) (gupdate1c8c1a839fd1f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 11143 bytes
-
J'ai un problême d'affichage dans le "Panneau de Configuration". Il n'y a plus le lien à gauche "Basculer vers l'affichage classique". Si quelqu'un sait comment le faire réapparaître ou réactiver l'affichage classique du "Panneau de Configuration". Merci Beaucoup.