

Everything posted by claire7

Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware Analysis and Removal
Well, I don't know why, but after doing everything you recommended, everything works as before: no more slowdowns, nothing!!! The only thing that seemed to be causing a blockage was Avast, because since I uninstalled it everything has been better. That was the antivirus that had reported the Trojan horse... Would you have any advice for me on choosing a good antivirus (free???). Thanks again, because everything seems to be back to normal! THANK YOU!

Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware Analysis and Removal
info.txt logfile of random's system information tool 1.06 2009-04-29 22:34:48

And here is the log.text; now I hope all of this will help you! Thank you for your help.
Logfile of random's system information tool 1.06 (written by random/random) Run by art at 2009-04-29 22:34:40
Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware analysis and removal
Analysis of c:\program files\Fichiers communs\suwutojoz.com

Fichier suwutojoz.com reçu le 2009.04.29 14:40:10 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/40 (0%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.29 -
AhnLab-V3 5.0.0.2 2009.04.29 -
AntiVir 7.9.0.156 2009.04.29 -
Antiy-AVL 2.0.3.1 2009.04.29 -
Authentium 5.1.2.4 2009.04.29 -
Avast 4.8.1335.0 2009.04.28 -
AVG 8.5.0.287 2009.04.29 -
BitDefender 7.2 2009.04.29 -
CAT-QuickHeal 10.00 2009.04.29 -
ClamAV 0.94.1 2009.04.29 -
Comodo 1141 2009.04.29 -
DrWeb 4.44.0.09170 2009.04.29 -
eSafe 7.0.17.0 2009.04.27 -
eTrust-Vet 31.6.6482 2009.04.29 -
F-Prot 4.4.4.56 2009.04.29 -
F-Secure 8.0.14470.0 2009.04.29 -
Fortinet 3.117.0.0 2009.04.29 -
GData 19 2009.04.29 -
Ikarus T3.1.1.49.0 2009.04.29 -
K7AntiVirus 7.10.719 2009.04.29 -
Kaspersky 7.0.0.125 2009.04.29 -
McAfee 5599 2009.04.28 -
McAfee+Artemis 5599 2009.04.28 -
McAfee-GW-Edition 6.7.6 2009.04.29 -
Microsoft 1.4602 2009.04.29 -
NOD32 4042 2009.04.29 -
Norman 6.00.06 2009.04.28 -
nProtect 2009.1.8.0 2009.04.29 -
Panda 10.0.0.14 2009.04.28 -
PCTools 4.4.2.0 2009.04.29 -
Prevx1 3.0 2009.04.29 -
Rising 21.27.22.00 2009.04.29 -
Sophos 4.41.0 2009.04.29 -
Sunbelt 3.2.1858.2 2009.04.28 -
Symantec 1.4.4.12 2009.04.29 -
TheHacker 6.3.4.1.317 2009.04.29 -
TrendMicro 8.950.0.1092 2009.04.29 -
VBA32 3.12.10.3 2009.04.29 -
ViRobot 2009.4.29.1715 2009.04.29 -
VirusBuster 4.6.5.0 2009.04.28 -

Information additionnelle
File size: 18417 bytes
MD5...: 3a51857fa8b4a1d7fc6163a716fb7bf6
SHA1..: 95b386d5404721f5fcaae734ebcfe4d6b3f6043f
SHA256: e3ed975c5db1819a63a7cebe53d2941b96517c60d4a46ee7b34d5c2356d270d2
SHA512: 98c93775ea7f1b8f3940625bf99f251c66006e31ee1234181844402d2b10f29c 58d290ae880b49f72b37210efa384d38e4f1941e67d3f5a342ccfe83a79eb346
ssdeep: 384:Q9qaAwblgzLU8FZqq45arWRRc2XAKFuCGtwl7s7VYERr:OqaxizI8p4oWR3A KGtwlQdRr
PEiD..: -
TrID..: File type identification Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set -
-
Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware analysis and removal
Analysis of c:\program files\Fichiers communs\duxi.dll

Fichier duxi.dll reçu le 2009.04.29 14:28:32 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/40 (0%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.29 -
AhnLab-V3 5.0.0.2 2009.04.29 -
AntiVir 7.9.0.156 2009.04.29 -
Antiy-AVL 2.0.3.1 2009.04.29 -
Authentium 5.1.2.4 2009.04.29 -
Avast 4.8.1335.0 2009.04.28 -
AVG 8.5.0.287 2009.04.29 -
BitDefender 7.2 2009.04.29 -
CAT-QuickHeal 10.00 2009.04.29 -
ClamAV 0.94.1 2009.04.29 -
Comodo 1141 2009.04.29 -
DrWeb 4.44.0.09170 2009.04.29 -
eSafe 7.0.17.0 2009.04.27 -
eTrust-Vet 31.6.6482 2009.04.29 -
F-Prot 4.4.4.56 2009.04.29 -
F-Secure 8.0.14470.0 2009.04.29 -
Fortinet 3.117.0.0 2009.04.29 -
GData 19 2009.04.29 -
Ikarus T3.1.1.49.0 2009.04.29 -
K7AntiVirus 7.10.719 2009.04.29 -
Kaspersky 7.0.0.125 2009.04.29 -
McAfee 5599 2009.04.28 -
McAfee+Artemis 5599 2009.04.28 -
McAfee-GW-Edition 6.7.6 2009.04.29 -
Microsoft 1.4602 2009.04.29 -
NOD32 4042 2009.04.29 -
Norman 6.00.06 2009.04.28 -
nProtect 2009.1.8.0 2009.04.29 -
Panda 10.0.0.14 2009.04.28 -
PCTools 4.4.2.0 2009.04.29 -
Prevx1 3.0 2009.04.29 -
Rising 21.27.22.00 2009.04.29 -
Sophos 4.41.0 2009.04.29 -
Sunbelt 3.2.1858.2 2009.04.28 -
Symantec 1.4.4.12 2009.04.29 -
TheHacker 6.3.4.1.317 2009.04.29 -
TrendMicro 8.950.0.1092 2009.04.29 -
VBA32 3.12.10.3 2009.04.29 -
ViRobot 2009.4.29.1715 2009.04.29 -
VirusBuster 4.6.5.0 2009.04.28 -

Information additionnelle
File size: 12618 bytes
MD5...: 66077861039f786f098ae4e21bedded9
SHA1..: b34da44cb45cf40598a2c9e5677bfded01080537
SHA256: fca88b57568e75955f33e701f12c69cf42ce0c70d48e4dd074b032e747b09141
SHA512: 0e0f7c1879fab1d304dc5a880ed4903257708411f6f7ff45111b2762ff02d6d2 06c272418f5c0c57120127dc93a1e55f067bb06a045661544be3f962331b1475
ssdeep: 192:IesmknaEGTA6BDWuhY8oTdUmmocXzC6CD42Xgboy0fMjqCWOe551SmHWQrJh es4d:pkvElxCTdUkcXzpFinVf83W9HWoJHs
PEiD..: -
TrID..: File type identification MPEG Video (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set -
-
Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware analysis and removal
Here is the requested file: ComboFix-quarantined-files.txt

2009-04-23 07:56:26 . 2009-04-23 07:56:26 183 ----a-w C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-yaiwoqm.reg.dat
2009-04-23 07:56:26 . 2009-04-23 07:56:26 150 ----a-w C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-Widget Neuf.reg.dat
2009-04-23 07:53:37 . 2009-04-27 19:27:11 7,456 ----a-w C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-04-23 07:37:01 . 2009-04-27 19:10:19 162 ----a-w C:\Qoobox\Quarantine\catchme.log
2009-04-18 09:27:46 . 2009-04-23 07:52:53 1,591 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm_navps.dat.vir
2009-04-18 09:27:46 . 2009-04-18 09:27:44 354,107 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm_nav.dat.vir
2009-04-18 09:27:46 . 2009-04-23 07:52:45 3,255 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm.dat.vir
2009-04-18 09:27:45 . 2009-04-18 09:27:45 269,824 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Application Data\yaiwoqm.exe.vir
2008-10-24 13:03:22 . 2008-10-24 13:03:22 18,780 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\abisude.exe.vir
2008-10-24 13:02:51 . 2008-10-24 20:45:12 1,604 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk.vir
2008-10-24 13:02:51 . 2008-10-24 13:02:51 1,592 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk.vir
2008-10-23 16:54:23 . 2008-10-23 16:54:23 17,764 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\kynun.com.vir
2008-10-23 16:54:23 . 2008-10-23 16:54:23 11,220 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\ivyhy.reg.vir
2008-10-23 16:54:22 . 2008-10-23 16:54:22 17,494 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\art\Local Settings\Temporary Internet Files\tijupyqi.inf.vir
2008-10-23 16:54:15 . 2006-12-21 23:07:56 86,070 ----a-w C:\Qoobox\Quarantine\C\Program Files\XP_AntiSpyware\pthreadVC2.dll.vir
2006-07-26 23:15:42 . 2001-11-05 00:49:14 69,632 -c--a-w C:\Qoobox\Quarantine\C\WINDOWS\Pp.exe.vir
2004-07-22 15:15:43 . 2004-07-22 15:15:43 1,024 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\History\search.vir
2004-07-22 15:11:29 . 2004-07-22 15:11:29 78 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.dat.vir
2004-07-22 15:11:29 . 2004-07-22 15:11:29 522 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.htm.vir
2004-07-22 15:11:14 . 2004-07-22 15:11:14 16 ----a-w C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\s_pid.dat.vir
2004-07-16 12:07:18 . 2004-07-16 12:07:18 8,192 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\dubois\Cookies\MM2048.DAT.vir
2004-07-16 12:07:18 . 2004-07-16 12:07:18 8,192 ----a-w C:\Qoobox\Quarantine\C\Documents and Settings\dubois\Cookies\MM256.DAT.vir
-
Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware analysis and removal
Hello, thank you for your help, I hope I will manage to do everything you ask of me. I will keep you informed of the results and post them for you.
-
Virus in my computer, request for help!
claire7 replied to a topic by claire7 in Malware analysis and removal
A little bump, hoping that someone will be able to help me! Above is the result of the ComboFix scan.
-
Virus in my computer, request for help!
claire7 posted a topic in Malware analysis and removal
Hello, after unwanted ads popping up and a very significant slowdown of my computer, I would like some help. I ran the scan with ComboFix, which I am attaching. If you could analyze it and tell me what is wrong, because I really cannot manage on my own. Thank you for your help.

ComboFix 09-04-27.02 - art 27/04/2009 21:10.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.33.1036.18.511.231 [GMT 2:00]
Lancé depuis: c:\documents and settings\art\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-27 au 2009-4-27 ))))))))))))))))))))))))))))))))))))
.
2009-04-26 16:52 . 2009-04-26 16:52 -------- d-----w c:\program files\eBay
2009-04-26 16:52 . 2009-04-26 16:52 -------- d-----w c:\documents and settings\All Users.WINDOWS\eBay
2009-04-25 07:58 . 2009-04-25 08:09 -------- d-----w C:\rsit
2009-04-23 21:09 . 2009-04-23 21:11 -------- d-----w c:\program files\CCleaner
2009-04-23 20:09 . 2009-04-23 20:13 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-23 20:09 . 2009-04-24 08:39 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\documents and settings\art\Application Data\Malwarebytes
2009-04-23 08:07 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-23 08:07 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-04-23 08:07 . 2009-04-23 08:07 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-22 08:31 . 2009-04-22 08:31 -------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Avira
2009-04-22 08:31 . 2009-04-22 08:31 -------- d-----w c:\program files\Avira
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-27 17:39 . 2006-08-01 07:46 -------- d-----w c:\program files\OpenOffice.org1.1.4
2009-04-26 16:53 . 2004-07-16 12:00 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-24 11:59 . 2009-02-10 08:00 -------- d-----w c:\program files\Lettriq
2009-04-24 07:34 . 2007-04-21 07:48 -------- d-----w c:\program files\Google
2009-04-23 20:55 . 2004-07-17 15:43 -------- d-----w c:\program files\Common Files
2009-03-29 11:46 . 2006-07-26 20:14 70892 ----a-w c:\windows\system32\perfc00C.dat
2009-03-29 11:46 . 2006-07-26 20:14 426020 ----a-w c:\windows\system32\perfh00C.dat
2009-03-27 11:07 . 2009-03-27 11:07 -------- d-----w c:\program files\KeirNet
2009-03-20 13:23 . 2009-03-20 13:23 49152 ----a-r c:\windows\system32\inetwh32.dll
2009-03-20 13:23 . 2009-03-20 13:23 1044480 ----a-r c:\windows\system32\roboex32.dll
2009-03-09 18:46 . 2008-10-24 19:07 4212 ---h--w c:\windows\system32\zllictbl.dat
2009-02-20 12:49 . 2006-09-04 14:02 70384 ----a-w c:\documents and settings\art\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-10-24 13:03 . 2008-10-24 13:03 19804 ----a-w c:\program files\Fichiers communs\desadat.reg
2008-10-24 13:03 . 2008-10-24 13:03 13213 ----a-w c:\program files\Fichiers communs\eqajo.dl
2008-10-24 13:03 . 2008-10-24 13:03 12748 ----a-w c:\program files\Fichiers communs\ikan.db
2008-10-24 13:03 . 2008-10-24 13:03 12605 ----a-w c:\program files\Fichiers communs\hypu.reg
2008-10-23 16:54 . 2008-10-23 16:54 18417 ----a-w c:\program files\Fichiers communs\suwutojoz.com
2008-10-23 16:54 . 2008-10-23 16:54 17191 ----a-w c:\program files\Fichiers communs\syvuhupo.bat
2008-10-23 16:54 . 2008-10-23 16:54 12618 ----a-w c:\program files\Fichiers communs\duxi.dll
2008-10-23 16:54 . 2008-10-23 16:54 11952 ----a-w c:\program files\Fichiers communs\orusan.lib
2007-04-21 07:48 . 2007-04-21 07:48 69120 -csha-w c:\program files\Thumbs.db
2007-04-21 07:46 . 2007-04-21 07:46 14994144 ----a-w c:\program files\GoogleEarthWin_EARE.exe
2007-03-05 19:30 . 2007-03-05 19:29 7613870 ----a-w c:\program files\gimp-2.2.8-i586-setup.zip
2006-12-28 09:37 . 2006-12-28 09:36 539648 ----a-w c:\program files\ytb612_efgsip.exe
2006-10-04 08:44 . 2006-10-04 08:44 10462920 ----a-w c:\program files\XLVIEWER.EXE
2006-09-23 17:30 . 2006-09-23 17:30 4034727 ----a-w c:\program files\wjchess.exe
2005-05-27 13:44 . 2005-05-27 13:44 8709995 ----a-w c:\program files\instantphoto_setup.exe
2005-05-20 07:45 . 2005-05-20 07:45 2270016 ----a-w c:\program files\Belebele3.zip
2005-02-22 17:32 . 2005-02-22 17:32 8054797 ----a-w c:\program files\DesignWorkshop.exe
2004-07-16 12:17 . 2004-07-16 12:17 1412 ----a-w c:\program files\Tele2 ADSL.lnk
.
((((((((((((((((((((((((((((( SnapShot@2009-04-23_07.55.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_7c.dat
+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_5a4.dat
+ 2009-04-27 17:39 . 2009-04-27 17:39 16384 c:\windows\Temp\Perflib_Perfdata_4d4.dat
+ 2006-07-26 20:41 . 2001-08-28 12:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat
- 2006-07-26 20:48 . 2009-04-23 06:47 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-07-26 20:48 . 2009-04-26 08:42 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-07-26 20:48 . 2009-04-23 06:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2006-07-26 20:48 . 2009-04-26 08:42 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2006-07-26 20:48 . 2009-04-23 06:47 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-07-26 20:48 . 2009-04-26 08:42 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-10-24 13:03 . 2008-10-24 13:03 19040 c:\windows\amugy.bat
+ 2009-04-26 16:53 . 2009-04-26 16:53 2494 c:\windows\Installer\{69640730-B830-4C24-BB5C-222DA1260548}\ARPPRODUCTICON.exe
+ 2006-07-26 22:27 . 2009-04-27 17:43 204318 c:\windows\system32\inetsrv\MetaBase.bin
+ 2008-10-24 20:46 . 2009-04-27 18:03 262144 c:\windows\system32\config\systemprofile\NtUser.dat
- 2008-10-24 20:46 . 2009-04-23 07:38 262144 c:\windows\system32\config\systemprofile\NtUser.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2001-08-28 13312]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2001-08-02 1077277]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-10 136600]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-07-27 271672]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 185632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2001-08-28 13312]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-08-17 439872]

c:\documents and settings\art\Menu Démarrer\Programmes\Démarrage\
ADILOOK Français sur disque C.LNK - c:\coktel\ADI4\ADILOOK.EXE [1997-12-11 186880]
OpenOffice.org 1.1.4.lnk - c:\program files\OpenOffice.org1.1.4\program\quickstart.exe [2004-10-28 61440]

c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.exe.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2004-7-16 98304]
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2004-7-16 98304]
Hyperappel du Petit Larousse 2009.lnk - c:\program files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe [2009-1-26 237568]
Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2004-12-26 151552]
Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2004-12-26 106496]

R2 pr2aqb2l;Lettriq Drivers Auto Removal (pr2aqb2l); [x]
S0 avgntmgr;avgntmgr;c:\windows\SYSTEM32\DRIVERS\avgntmgr.sys [2008-01-21 22336]
S0 pe3aqb2l;Lettriq Environment Driver (pe3aqb2l);c:\windows\system32\drivers\pe3aqb2l.sys [2008-12-04 68720]
S0 pf2aqb2l;Lettriq File System Driver (pf2aqb2l);c:\windows\system32\drivers\pf2aqb2l.sys [2008-12-04 83568]
S1 aswSP;avast! Self Protection; [x]
S1 avgntdd;avgntdd;c:\windows\system32\DRIVERS\avgntdd.sys [2008-05-09 45376]
.
Contenu du dossier 'Tâches planifiées'

2009-04-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://home.neuf.fr/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{8354F0FE-550E-4E14-AFE1-E5CEF9009311}
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} - hxxp://www.presslabo.com/importer/MypixUploader.cab
DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} - file://d:\content\include\XPPatchInstaller.CAB
DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} - file://d:\content\include\msSecUcd.cab
DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxp://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
FF - ProfilePath - c:\documents and settings\art\Application Data\Mozilla\Firefox\Profiles\ehhbyd39.default\
FF - prefs.js: browser.startup.homepage - hxxp://tempsreel.nouvelobs.com/index.html

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-27 21:29
Windows 5.1.2600 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1757981266-706699826-725345543-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\ODBC32.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

- - - - - - - > 'lsass.exe'(704)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
c:\windows\System32\dssenh.dll

- - - - - - - > 'explorer.exe'(2276)
c:\windows\System32\msi.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
.
Heure de fin: 2009-04-27 21:31
ComboFix-quarantined-files.txt 2009-04-27 19:29
ComboFix2.txt 2009-04-27 18:30
ComboFix3.txt 2009-04-23 07:57

Avant-CF: 61 658 177 536 octets libres
Après-CF: 61 655 040 000 octets libres

166