manu13
-
Compteur de contenus
5 -
Inscription
-
Dernière visite
manu13's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
alerte avast trop de mail identiques
manu13 a répondu à un(e) sujet de manu13 dans Analyses et éradication malwares
ok merci beaucoup pour ce soir je vais pouvoir dormir tranquille, il faudra que je me penche un peu sur la démarche que tu m'a donné afin d'essayer de comprendre un peu le système. Demain je ferai la transissions vers Antivir en suivant l'aide. Encore merci @+ Manu -
alerte avast trop de mail identiques
manu13 a répondu à un(e) sujet de manu13 dans Analyses et éradication malwares
ok apparement je n'ai plus d'alerte d'Avast voici le rapport de ComboFix.exe : ComboFix 07-10-26.4 - manu-domi 2007-10-26 22:16:03.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.125 [GMT 2:00] Running from: C:\Documents and Settings\manu-domi\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\manu-domi\Bureau\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\SYSTEM32\imepadsm58.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\SYSTEM32\imepadsm58.dll . ((((((((((((((((((((((((((((( Fichiers créés 2007-09-26 to 2007-10-26 )))))))))))))))))))))))))))))))))))) . 2007-10-26 22:14 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-26 21:02 <REP> d-------- C:\Program Files\Trend Micro 2007-10-24 20:33 <REP> d-------- C:\Documents and Settings\manu-domi\AbiSuite 2007-10-22 22:16 <REP> d-------- C:\Program Files\CCleaner 2007-10-20 12:39 <REP> d---s---- C:\Documents and Settings\manu-domi\UserData 2007-10-16 19:45 <REP> d-------- C:\Program Files\Stellar Phoenix NTFS Data Recovery 2007-10-16 19:45 165,888 --a------ C:\WINDOWS\Ckconfig.exe 2007-10-16 19:45 69,632 --a------ C:\WINDOWS\system32\Crypserv.exe 2007-10-16 19:45 31,846 --a------ C:\WINDOWS\system32\Ckldrv.sys 2007-10-16 19:45 27,648 -ra------ C:\WINDOWS\Setup_ck.exe 2007-10-16 19:45 18,432 --a------ C:\WINDOWS\Setup_ck.dll 2007-10-16 19:45 11,776 --a------ C:\WINDOWS\Ckrfresh.exe 2007-10-16 19:45 4 --a------ C:\WINDOWS\vx86036.dat 2007-10-10 12:33 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll 2007-10-06 11:23 <REP> d-------- C:\Documents and Settings\manu-domi\Application Data\MSN6 2007-10-06 11:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MSN6 2007-10-06 08:48 <REP> d-------- C:\WINDOWS\system32\NtmsData 2007-10-04 20:14 <REP> d-------- C:\Program Files\Alcohol Soft 2007-10-04 20:01 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-10-02 19:23 <REP> d-------- C:\Program Files\France Topo 3 Provence Côte d'Azur Méditerranée . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-26 16:18 --------- d-----w C:\Documents and Settings\manu-domi\Application Data\Wallpaper 2007-10-24 08:11 --------- d-----w C:\Program Files\DeKiBulle 2007-10-23 20:48 --------- d-----w C:\Program Files\eMule 2007-10-23 20:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-21 18:05 --------- d-----w C:\Program Files\OziExplorer 2007-10-17 09:02 --------- d-----w C:\Program Files\Everest Poker 2007-10-13 07:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2007-10-12 18:22 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-03 20:38 --------- d-----w C:\Program Files\TTQV4 2007-09-20 16:06 --------- d-----w C:\Program Files\Windows Live 2007-09-20 11:17 --------- d-----w C:\Program Files\Logitech 2007-09-20 11:16 --------- d-----w C:\Program Files\Fichiers communs\Labtec 2007-09-08 07:47 --------- d-----w C:\Program Files\MyPhoneExplorer 2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-09-05 19:52 --------- d-----w C:\Program Files\Mozilla Thunderbird 2007-07-11 18:02 207 ----a-w C:\Program Files\lastversion.txt 2006-10-31 10:07 31,223 ----a-w C:\Program Files\nv4_disp.cat 2006-10-22 10:22 99,664 ----a-w C:\Program Files\nv3d.chm 2006-10-22 10:22 99,390 ----a-w C:\Program Files\nvwrsel.dl_ 2006-10-22 10:22 99,167 ----a-w C:\Program Files\nv3dENG.chm 2006-10-22 10:22 98,760 ----a-w C:\Program Files\NVRSJA.dl_ 2006-10-22 10:22 97,315 ----a-w C:\Program Files\NVRSKO.dl_ 2006-10-22 10:22 97,305 ----a-w C:\Program Files\nvapi.dl_ 2006-10-22 10:22 95,224 ----a-w C:\Program Files\nvwrsru.dl_ 2006-10-22 10:22 93,693 ----a-w C:\Program Files\nvwrshu.dl_ 2006-10-22 10:22 92,516 ----a-w C:\Program Files\nvwrses.dl_ 2006-10-22 10:22 91,652 ----a-w C:\Program Files\NVRSZHC.dl_ 2006-10-22 10:22 90,967 ----a-w C:\Program Files\nvwrsfr.dl_ 2006-10-22 10:22 90,925 ----a-w C:\Program Files\nvwrspt.dl_ 2006-10-22 10:22 90,407 ----a-w C:\Program Files\nvwrsesm.dl_ 2006-10-22 10:22 90,361 ----a-w C:\Program Files\nvwrsnl.dl_ 2006-10-22 10:22 90,102 ----a-w C:\Program Files\nvwrsde.dl_ 2006-10-22 10:22 90,001 ----a-w C:\Program Files\nvwrssk.dl_ 2006-10-22 10:22 9,111 ----a-w C:\Program Files\nvmccsrs.dl_ 2006-10-22 10:22 89,668 ----a-w C:\Program Files\nvwrspl.dl_ 2006-10-22 10:22 89,559 ----a-w C:\Program Files\nvwrsit.dl_ 2006-10-22 10:22 89,537 ----a-w C:\Program Files\nvwrsptb.dl_ 2006-10-22 10:22 886,722 ----a-w C:\Program Files\nvwss.dl_ 2006-10-22 10:22 88,830 ----a-w C:\Program Files\nvwrstr.dl_ 2006-10-22 10:22 88,231 ----a-w C:\Program Files\nvwrssl.dl_ 2006-10-22 10:22 88,224 ----a-w C:\Program Files\nvsvc32.ex_ 2006-10-22 10:22 87,448 ----a-w C:\Program Files\nvwrsfi.dl_ 2006-10-22 10:22 87,213 ----a-w C:\Program Files\nvwrscs.dl_ 2006-10-22 10:22 862,685 ----a-w C:\Program Files\nvwdmcpl.dl_ 2006-10-22 10:22 862 ----a-w C:\Program Files\setup.ini 2006-10-22 10:22 86,259 ----a-w C:\Program Files\NvColor.ex_ 2006-10-22 10:22 85,748 ----a-w C:\Program Files\NVRSEL.dl_ 2006-10-22 10:22 85,242 ----a-w C:\Program Files\nvwrsda.dl_ 2006-10-22 10:22 85,081 ----a-w C:\Program Files\nvwrsno.dl_ 2006-10-22 10:22 85,065 ----a-w C:\Program Files\nvwrssv.dl_ 2006-10-22 10:22 84,019 ----a-w C:\Program Files\nvwrshe.dl_ 2006-10-22 10:22 83,746 ----a-w C:\Program Files\nvwrsar.dl_ 2006-10-22 10:22 82,701 ----a-w C:\Program Files\NVRSRU.dl_ 2006-10-22 10:22 81,604 ----a-w C:\Program Files\nvwrseng.dl_ 2006-10-22 10:22 80,987 ----a-w C:\Program Files\NVRSDE.dl_ 2006-10-22 10:22 80,697 ----a-w C:\Program Files\NVEPClnt.ex_ 2006-10-22 10:22 80,075 ----a-w C:\Program Files\NVRSFR.dl_ 2006-10-22 10:22 79,592 ----a-w C:\Program Files\NVRSSK.dl_ 2006-10-22 10:22 79,079 ----a-w C:\Program Files\NVRSES.dl_ 2006-10-22 10:22 78,959 ----a-w C:\Program Files\NVRSHU.dl_ 2006-10-22 10:22 78,431 ----a-w C:\Program Files\NVRSIT.dl_ 2006-10-22 10:22 78,428 ----a-w C:\Program Files\NVRSNL.dl_ 2006-10-22 10:22 78,060 ----a-w C:\Program Files\NVRSPL.dl_ 2006-10-22 10:22 77,757 ----a-w C:\Program Files\NVRSPT.dl_ 2006-10-22 10:22 77,509 ----a-w C:\Program Files\NVRSTH.dl_ 2006-10-22 10:22 77,470 ----a-w C:\Program Files\NVRSCS.dl_ 2006-10-22 10:22 77,067 ----a-w C:\Program Files\NVRSTR.dl_ 2006-10-22 10:22 76,953 ----a-w C:\Program Files\NVRSPTB.dl_ 2006-10-22 10:22 76,748 ----a-w C:\Program Files\NVRSESM.dl_ 2006-10-22 10:22 76,077 ----a-w C:\Program Files\NVRSSL.dl_ 2006-10-22 10:22 751,259 ----a-w C:\Program Files\nvwssr.dl_ 2006-10-22 10:22 74,208 ----a-w C:\Program Files\NVRSDA.dl_ 2006-10-22 10:22 73,910 ----a-w C:\Program Files\NVRSNO.dl_ 2006-10-22 10:22 73,736 ----a-w C:\Program Files\NVRSSV.dl_ 2006-10-22 10:22 73,250 ----a-w C:\Program Files\NVRSFI.dl_ 2006-10-22 10:22 73,240 ----a-w C:\Program Files\nvwrsja.dl_ 2006-10-22 10:22 72,334 ----a-w C:\Program Files\NVRSENG.dl_ 2006-10-22 10:22 69,683 ----a-w C:\Program Files\nvwrsko.dl_ 2006-10-22 10:22 68,593 ----a-w C:\Program Files\setup.skin 2006-10-22 10:22 67,085 ----a-w C:\Program Files\modes.txt 2006-10-22 10:22 667,613 ----a-w C:\Program Files\nwiz.ex_ 2006-10-22 10:22 66,215 ----a-w C:\Program Files\nvwrszht.dl_ 2006-10-22 10:22 652,962 ----a-w C:\Program Files\nview.dl_ 2006-10-22 10:22 65,201 ----a-w C:\Program Files\nvwrszhc.dl_ 2006-10-22 10:22 60,169 ----a-w C:\Program Files\nvmobJPN.chm 2006-10-22 10:22 6,144 ----a-w C:\Program Files\Finance.tv_ 2006-10-22 10:22 6,101 ----a-w C:\Program Files\Advanced.tv_ 2006-10-22 10:22 58,989 ----a-w C:\Program Files\nvmobKOR.chm 2006-10-22 10:22 58,989 ----a-w C:\Program Files\nvmobCHT.chm 2006-10-22 10:22 58,975 ----a-w C:\Program Files\nvmobTHA.chm 2006-10-22 10:22 58,433 ----a-w C:\Program Files\nvmobELL.chm 2006-10-22 10:22 58,265 ----a-w C:\Program Files\nvmobHEB.chm 2006-10-22 10:22 58,009 ----a-w C:\Program Files\nvmobCHS.chm 2006-10-22 10:22 574,838 ----a-w C:\Program Files\nvMoblS.dl_ 2006-10-22 10:22 57,505 ----a-w C:\Program Files\nvmobPLK.chm 2006-10-22 10:22 57,271 ----a-w C:\Program Files\nvmobARA.chm 2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "DeKiBulle"="C:\Program Files\DeKiBulle\DeKiBulle.exe" [2007-07-30 15:24] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "eCarteBleue-LP-P1"="C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" [2005-12-13 16:37] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22] "nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 16:57] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Rainlendar2"="C:\Program Files\Rainlendar2\Rainlendar2.exe" [2007-01-01 15:31] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 10:20] "Wallpaper"="C:\Program Files\Wallpaper\Wallpaper.exe" [2006-05-22 19:17] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 16:19] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-02-14 19:28:19] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 10:15:56] NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe [2007-01-16 01:34:57] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\imepadsm] imepadsm58.dll S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys S3 SetupNTGLM7X;SetupNTGLM7X;\??\G:\NTGLM7X.sys [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa81b490-7748-11dc-88d6-000b6a73988c}] Auto\command - AdobeR.exe e AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-10-18 16:47:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" . ************************************************************************** catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-26 22:21:51 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-26 22:24:12 - machine was rebooted . --- E O F --- -
alerte avast trop de mail identiques
manu13 a répondu à un(e) sujet de manu13 dans Analyses et éradication malwares
Ok j'ai envoyé le fichier, j'ai créé un fichier CFscript mais je ne trouve pas le fichier ComboFix.exe ? -
alerte avast trop de mail identiques
manu13 a répondu à un(e) sujet de manu13 dans Analyses et éradication malwares
voici le rapport Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:03:11, on 26/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\crypserv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\DeKiBulle\DeKiBulle.exe C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Nikon\NkView6\NkvMon.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [DeKiBulle] C:\Program Files\DeKiBulle\DeKiBulle.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" /dontopenmycards O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - Winlogon Notify: imepadsm - C:\WINDOWS\SYSTEM32\imepadsm58.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 8042 bytes -
bonjour, tout nouveau dans ce forum j'ai 1 gros problème depuis 5 jours avec des messages d' Avast me disant que des mails identiques sont envoyés comment s' en débarrasser scan anti virus : néant spybot : néant ad-aware : néant merci de m'aider car la je commence à craquer Manu