

Nano07
Members
Content count: 8
All content posted by Nano07
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
OK, still no problem. Thanks for your help. It was kind of you to take the time to help me.
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Today I had no problems, despite a lot of time spent searching with Google.
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Hello. Here is the requested report.

ComboFix 10-04-04.01 - Adriano 05/04/2010 11:59:23.1.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.33.1036.18.2046.1278 [GMT 2:00]
Run from: c:\users\Adriano\Desktop\COlaF.exe
 * A new restore point was created
.
((((((((((((((((((((((((((((((((((((  Other Deletions  ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-3524237473-286587594-1364336306-500
c:\$recycle.bin\S-1-5-21-853294072-244299953-3589974181-1003
c:\windows\system32\Ijl11.dll
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Services  )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF

(((((((((((((((((((((((((((((  Files Created from 2010-03-05 to 2010-04-05  ))))))))))))))))))))))))))))))))))))
.
2010-04-04 16:21 . 2010-04-04 16:22 -------- d-----w- c:\users\Pascale\AppData\Roaming\XnView
2010-04-04 16:14 . 2010-04-04 16:23 -------- d-----w- c:\users\Pascale\.gimp-2.6
2010-04-04 13:34 . 2010-04-04 13:34 -------- d-----w- c:\users\Pascale\AppData\Local\Nikon
2010-04-04 13:34 . 2010-04-04 13:34 -------- d-----w- c:\users\Pascale\AppData\Roaming\NIKON
2010-04-04 13:03 . 2010-04-04 13:03 -------- d-----w- c:\users\Pascale\AppData\Roaming\Malwarebytes
2010-04-03 17:20 . 2006-06-02 12:37 236800 ----a-w- c:\windows\system32\drivers\RT2500.sys
2010-04-03 17:09 . 2010-04-03 17:10 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-03 17:08 . 2010-03-16 06:51 56424 ----a-w- c:\windows\system32\OpenCL.dll
2010-04-03 17:08 . 2010-03-16 06:51 11573768 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-04-03 17:08 . 2010-03-16 06:51 15227496 ----a-w- c:\windows\system32\nvoglv32.dll
2010-04-03 17:08 . 2010-03-16 06:51 4029544 ----a-w- c:\windows\system32\nvcuda.dll
2010-04-03 17:08 . 2010-03-16 06:51 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-04-03 17:08 . 2010-03-16 06:51 215656 ----a-w- c:\windows\system32\nvcod1910.dll
2010-04-03 17:08 . 2010-03-16 06:51 215656 ----a-w- c:\windows\system32\nvcod.dll
2010-04-03 17:08 . 2010-03-16 06:51 2009704 ----a-w- c:\windows\system32\nvcuvid.dll
2010-04-03 17:08 . 2010-03-16 06:51 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-04-03 17:08 . 2010-04-03 17:08 -------- d-----w- C:\NVIDIA
2010-04-03 16:59 . 2010-04-04 23:02 -------- d-----w- c:\program files\ma-config.com
2010-04-03 16:40 . 2010-04-03 16:40 -------- d-----w- c:\users\Pascale\AppData\Local\Mozilla
2010-04-03 16:09 . 2010-04-03 16:24 -------- d-----w- C:\FyK
2010-03-31 21:46 . 2010-03-31 21:53 -------- d-----w- C:\rsit
2010-03-31 21:41 . 2010-03-31 21:43 -------- d---a-w- C:\Navilog1
2010-03-31 21:41 . 2010-03-31 21:41 -------- d-----w- c:\program files\navilog1
2010-03-31 16:41 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-30 18:37 . 2010-03-30 18:38 -------- d-----w- c:\users\Adriano\DoctorWeb
2010-03-30 16:47 . 2010-03-30 16:47 -------- d-----w- c:\programdata\F-Secure
2010-03-30 16:43 . 2010-03-30 16:43 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 16:43 . 2010-03-30 16:42 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-30 16:42 . 2010-03-30 16:42 -------- d-----w- c:\program files\Java
2010-03-25 10:51 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-03-25 10:51 . 2010-03-25 10:52 -------- d-----w- c:\program files\PDFCreator
2010-03-25 10:51 . 1998-07-13 00:08 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2010-03-25 10:51 . 1998-07-13 00:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
2010-03-25 10:51 . 1998-07-13 00:08 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2010-03-25 10:51 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-03-24 11:50 . 2010-03-24 12:58 -------- d-----w- c:\windows\BDOSCAN8
2010-03-24 08:24 . 2010-03-31 21:54 -------- d-----w- c:\program files\Trend Micro
2010-03-24 08:08 . 2010-04-04 20:09 -------- d-----w- c:\program files\Windows Live Safety Center
2010-03-22 12:07 . 2010-03-24 11:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-22 12:06 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-22 12:06 . 2010-04-03 18:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-22 12:06 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-21 16:56 . 2010-03-21 16:56 -------- d-----w- c:\program files\Xilisoft
2010-03-21 07:56 . 2010-03-21 07:56 -------- d-----w- c:\users\Adriano\AppData\Local\dcunningham.net
2010-03-20 18:04 . 2010-03-20 18:22 -------- d-----w- c:\users\Adriano\AppData\Roaming\FileZilla
2010-03-20 18:04 . 2010-03-20 18:04 -------- d-----w- c:\program files\FileZilla FTP Client
2010-03-20 17:57 . 2007-12-30 04:01 307200 ----a-w- c:\users\Adriano\AppData\Roaming\Mozilla\Firefox\Profiles\jpfhesmy.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
2010-03-20 17:57 . 2007-12-30 04:01 172032 ----a-w- c:\users\Adriano\AppData\Roaming\Mozilla\Firefox\Profiles\jpfhesmy.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
2010-03-20 17:57 . 2007-12-30 04:01 90112 ----a-w- c:\users\Adriano\AppData\Roaming\Mozilla\Firefox\Profiles\jpfhesmy.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
2010-03-17 19:09 . 2010-03-17 19:09 -------- d-----w- c:\users\Adriano\AppData\Roaming\WeecastPlayer.A27AB7741756020517D10FDBA9AD7A2F55F5F984.1
2010-03-17 19:09 . 2010-03-17 19:06 38784 ----a-w- c:\users\Adriano\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-17 19:09 . 2010-03-17 19:06 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-03-17 19:09 . 2010-03-17 19:09 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-16 00:15 . 2010-03-16 00:15 985704 ----a-w- c:\windows\system32\nvsvc.dll
2010-03-16 00:15 . 2010-03-16 00:15 1515624 ----a-w- c:\windows\system32\nvsvcr.dll
2010-03-16 00:15 . 2010-03-16 00:15 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-03-16 00:14 . 2010-03-16 00:14 13683816 ----a-w- c:\windows\system32\nvcpl.dll
2010-03-16 00:14 . 2010-03-16 00:14 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-03-14 21:25 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-14 19:51 . 2010-03-14 19:51 -------- d-----w- c:\programdata\Multipressor
2010-03-14 19:49 . 2010-03-14 19:49 49152 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2010-03-14 19:29 . 2010-03-14 19:29 199168 --sha-r- c:\windows\system32\QAGENTG.dll
2010-03-14 18:30 . 2010-03-14 18:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-03-14 15:35 . 2010-03-14 15:35 -------- d-----w- c:\users\Adriano\AppData\Roaming\Live Downloader
2010-03-11 19:38 . 2010-03-11 19:38 -------- d-----w- c:\programdata\GARMIN
2010-03-11 19:37 . 2010-03-11 19:37 -------- d-----w- C:\Garmin
2010-03-11 18:06 . 2010-03-11 19:36 -------- d-----w- c:\users\Adriano\AppData\Roaming\GARMIN
2010-03-11 18:06 . 2010-03-11 18:06 -------- d-----w- c:\program files\Garmin GPS Plugin
2010-03-11 18:06 . 2010-03-11 18:06 -------- d-----w- c:\program files\DIFX
2010-03-11 18:06 . 2010-03-11 19:38 -------- d-----w- c:\program files\Garmin
2010-03-08 17:39 . 2010-03-08 17:41 -------- d-----w- c:\programdata\FLEXnet
2010-03-08 17:31 . 2010-03-08 17:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-03-06 16:52 . 2010-03-06 16:52 -------- d-----w- c:\program files\Plug-Ins
.
((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-05 10:02 . 2009-07-14 08:39 721680 ----a-w- c:\windows\system32\perfh00C.dat
2010-04-05 10:02 . 2009-07-14 08:39 139916 ----a-w- c:\windows\system32\perfc00C.dat
2010-04-04 16:25 . 2010-03-03 18:43 20 ---h--w- c:\programdata\PKP_DLbx.DAT
2010-04-04 13:34 . 2009-12-23 19:17 296400 ----a-w- c:\users\Pascale\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-03 17:47 . 2009-12-20 15:16 296400 ----a-w- c:\users\Adriano\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-03 17:20 . 2009-12-19 18:45 -------- d-----w- c:\program files\Hercules
2010-04-03 17:10 . 2010-01-30 08:27 -------- d-----w- c:\programdata\NVIDIA
2010-04-03 17:05 . 2010-04-03 17:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_point32k_01009.Wdf
2010-03-31 19:53 . 2009-12-27 17:53 -------- d-----w- c:\users\Adriano\AppData\Roaming\vlc
2010-03-29 19:00 . 2010-02-14 17:25 -------- d-----w- c:\users\Adriano\AppData\Roaming\Canon
2010-03-29 18:27 . 2009-12-19 21:22 -------- d-----w- c:\program files\CCleaner
2010-03-25 09:00 . 2009-12-20 16:14 -------- d-----w- c:\programdata\Microsoft Help
2010-03-24 14:37 . 2009-12-26 16:34 -------- d-----w- c:\users\Adriano\AppData\Roaming\XnView
2010-03-22 13:51 . 2009-12-27 19:36 -------- d-----w- c:\users\Adriano\AppData\Roaming\Azureus
2010-03-22 13:38 . 2010-02-28 10:59 -------- d-----w- c:\programdata\Lavasoft
2010-03-21 16:56 . 2010-01-09 16:50 -------- d-----w- c:\users\Adriano\AppData\Roaming\Xilisoft Corporation
2010-03-20 17:20 . 2010-03-03 18:32 -------- d-----w- c:\program files\Common Files\Nikon
2010-03-20 17:20 . 2010-03-03 18:31 0 ---h--w- c:\programdata\PKP_DLdw.DAT
2010-03-20 17:18 . 2010-02-28 15:34 -------- d-----w- c:\users\Adriano\AppData\Roaming\ESTsoft
2010-03-20 17:18 . 2010-02-28 15:34 -------- d-----w- c:\programdata\ESTsoft
2010-03-16 19:40 . 2010-03-16 19:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-03-16 06:51 . 2010-04-03 17:08 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-03-16 06:51 . 2009-09-27 22:12 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-03-16 06:51 . 2009-09-27 22:12 1296488 ----a-w- c:\windows\system32\nvapi.dll
2010-03-16 06:51 . 2009-06-10 21:19 9386088 ----a-w- c:\windows\system32\nvd3dum.dll
2010-03-14 19:51 . 2010-03-03 18:34 -------- d-----w- c:\users\Adriano\AppData\Roaming\Nikon
2010-03-14 18:30 . 2010-02-28 13:05 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-12 09:26 . 2010-01-30 08:27 600680 ----a-w- c:\windows\system32\nvuninst.exe
2010-03-06 10:21 . 2009-12-26 17:34 -------- d-----w- c:\users\Adriano\AppData\Roaming\gtk-2.0
2010-03-03 18:45 . 2010-03-03 18:45 20 ---h--w- c:\programdata\PKP_DLck.DAT
2010-03-03 18:45 . 2010-03-03 18:45 -------- d-----w- c:\programdata\MIDI Patch Names
2010-03-03 18:45 . 2010-03-03 18:31 -------- d-----w- c:\programdata\Ultima_T15
2010-03-03 18:45 . 2010-03-03 18:31 -------- d-----w- c:\programdata\EnterNHelp
2010-03-03 18:43 . 2010-03-03 18:32 -------- d-----w- c:\program files\Nikon
2010-03-03 18:33 . 2010-03-03 18:33 57344 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2010-02-28 15:37 . 2010-02-28 15:37 2734 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{44FC0AF5-40EC-498E-A836-66199A9D69FB}\_BFA178B815B81ACFB491F5.exe
2010-02-28 15:37 . 2010-02-28 15:37 2734 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{44FC0AF5-40EC-498E-A836-66199A9D69FB}\_6FEFF9B68218417F98F549.exe
2010-02-28 15:37 . 2010-02-28 15:37 2734 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{44FC0AF5-40EC-498E-A836-66199A9D69FB}\_1C5BB49D830401D284D208.exe
2010-02-28 15:37 . 2010-02-28 15:37 -------- d-----w- c:\program files\ePaperPress
2010-02-28 15:30 . 2010-02-28 15:30 249856 ------w- c:\windows\Setup1.exe
2010-02-28 15:30 . 2010-02-28 15:30 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-02-28 11:22 . 2010-02-28 11:22 -------- d-----w- c:\users\Adriano\AppData\Roaming\Malwarebytes
2010-02-28 11:21 . 2010-02-28 11:21 -------- d-----w- c:\programdata\Malwarebytes
2010-02-28 11:00 . 2010-02-28 11:00 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-28 10:54 . 2010-02-28 10:54 97364760 ----a-w- c:\users\Adriano\Ad-AwareInstaller.exe
2010-02-28 10:52 . 2010-02-28 10:52 5115824 ----a-w- c:\users\Adriano\mbam-setup.exe
2010-02-27 19:23 . 2010-02-27 19:23 -------- d-----w- c:\program files\SureThing Express Labeler
2010-02-27 19:23 . 2010-02-27 19:23 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-02-27 19:19 . 2010-02-27 19:02 -------- d-----w- c:\program files\Pinnacle
2010-02-27 19:17 . 2010-02-27 19:17 29926 ----a-r- c:\users\Adriano\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
2010-02-27 19:17 . 2010-02-27 19:17 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-02-27 19:16 . 2010-02-27 19:16 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2010-02-27 19:15 . 2010-01-09 22:20 -------- d-----w- c:\programdata\Pinnacle
2010-02-27 19:07 . 2010-02-27 19:07 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2010-02-27 19:06 . 2010-02-27 19:06 -------- d-----w- c:\programdata\Studio 14
2010-02-27 19:06 . 2010-02-27 19:06 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2010-02-27 18:08 . 2010-02-27 18:08 -------- d-----w- c:\users\Adriano\AppData\Roaming\theimagingfactory
2010-02-27 18:01 . 2010-02-27 18:01 -------- d-----w- c:\users\Adriano\AppData\Roaming\ePaperPress
2010-02-24 09:16 . 2009-12-19 20:40 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 14:58 . 2010-02-23 14:53 -------- d-----w- c:\users\Pascale\AppData\Roaming\Canon
2010-02-23 14:57 . 2010-02-23 14:55 -------- d-----w- c:\users\Pascale\AppData\Roaming\PhotoFiltre
2010-02-21 19:59 . 2010-02-21 19:56 -------- d-----w- c:\users\Adriano\AppData\Roaming\PhotoFiltre
2010-02-18 19:55 . 2010-01-10 11:00 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-02-18 19:43 . 2009-12-27 17:55 -------- d-----w- c:\users\Adriano\AppData\Roaming\dvdcss
2010-02-14 19:16 . 2010-02-14 19:16 -------- d-----w- c:\program files\Canon
2010-02-14 19:16 . 2007-01-26 16:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-14 10:42 . 2009-12-20 20:28 -------- d-----w- c:\program files\Windows Live
2010-02-02 07:45 . 2010-02-24 17:40 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-18 23:29 . 2010-02-10 16:24 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 16:24 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 16:24 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 16:24 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 16:24 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 16:24 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 16:24 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 16:24 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 16:25 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 16:25 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-05 18:00 . 2010-01-09 19:37 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-08-25 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-03-29 1086856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-20 691696]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-20 108289]

--- Other Services/Drivers in Memory ---

*Deregistered* - EraserUtilRebootDrv
*Deregistered* - SPBBCDrv
*Deregistered* - SRTSPX
*Deregistered* - SYMDNS
*Deregistered* - SymEvent
*Deregistered* - SYMFW
*Deregistered* - SYMIDS
*Deregistered* - SYMNDISV
*Deregistered* - SYMREDRV
*Deregistered* - SYMTDI
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Adriano\AppData\Roaming\Mozilla\Firefox\Profiles\jpfhesmy.default\
FF - component: c:\users\Adriano\AppData\Roaming\Mozilla\Firefox\Profiles\jpfhesmy.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX SETTINGS ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x84E711F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x84ebc460
QueryNameProcedure -> 0x84ebc5f0
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,b6,ea,42,35,b9,d4,44,b4,82,6e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,b6,ea,42,35,b9,d4,44,b4,82,6e,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Windows Live\Family Safety\fsssvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2010-04-05 12:12:58 - The machine rebooted
ComboFix-quarantined-files.txt 2010-04-05 10:12

Pre-Run: 44 076 306 432 bytes free
Post-Run: 43 762 122 752 bytes free

- - End Of File - - 9EC87956B1B33169E2754A931BC69345
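The ComboFix report above lists every file and directory it found as one fixed-width entry per line (creation stamp, modification stamp, size or dashes for a directory, an eight-character attribute string, path). When a report like this is posted for help, the first triage pass is mechanical: parse the entries and surface the non-directory files carrying the hidden or system attribute, since those are the ones the user cannot see in Explorer. The parser below is an added example written for this page, not part of ComboFix or of the thread; the attribute-letter meanings (d directory, s system, h hidden, a archive, r/w read-only or writable) are read off the entries in the report, and the sample lines are copied from it. Flagging a file is a prompt to look closer, not a malware verdict.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional

# One entry as ComboFix prints it in "Files Created" and "Find3M Report":
#   <created> . <modified> <size|--------> <attrs> <path>
ENTRY_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) "
    r"(?P<attrs>[dshar\-w]{8}) "
    r"(?P<path>\S.*)$"
)
STAMP = "%Y-%m-%d %H:%M"


@dataclass
class Entry:
    created: datetime
    modified: datetime
    size: Optional[int]  # None for directories (ComboFix prints dashes)
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return "d" in self.attrs

    @property
    def hidden(self) -> bool:
        return "h" in self.attrs

    @property
    def system(self) -> bool:
        return "s" in self.attrs

    @property
    def name(self) -> str:
        return self.path.rsplit("\\", 1)[-1]


def parse_entry(line: str) -> Optional[Entry]:
    """Return an Entry for a file/directory line, None for headers, dots and noise."""
    m = ENTRY_RE.match(line.rstrip())
    if not m:
        return None
    size = None if m["size"].startswith("-") else int(m["size"])
    return Entry(datetime.strptime(m["created"], STAMP),
                 datetime.strptime(m["modified"], STAMP),
                 size, m["attrs"], m["path"])


def parse_log(text: str) -> List[Entry]:
    return [e for e in map(parse_entry, text.splitlines()) if e is not None]


def review_candidates(entries: List[Entry]) -> List[Entry]:
    """Non-directory entries with the hidden or system attribute, newest creation first.
    A triage ordering, not a verdict: legitimate files (font caches, WDF markers) show up too."""
    picked = [e for e in entries if not e.is_dir and (e.hidden or e.system)]
    return sorted(picked, key=lambda e: e.created, reverse=True)


# Sample lines copied from the report above; the header and "." lines are kept
# to show that non-entry lines are skipped.
SAMPLE_LOG = r"""
(((((((((((((((((((((((((((((  Files Created from 2010-03-05 to 2010-04-05  ))))))))))))))))))))))))))))))))))))
.
2010-04-03 17:08 . 2010-03-16 06:51 4029544 ----a-w- c:\windows\system32\nvcuda.dll
2010-03-31 21:41 . 2010-03-31 21:43 -------- d---a-w- C:\Navilog1
2010-03-14 19:29 . 2010-03-14 19:29 199168 --sha-r- c:\windows\system32\QAGENTG.dll
2010-04-04 16:25 . 2010-03-03 18:43 20 ---h--w- c:\programdata\PKP_DLbx.DAT
2010-04-03 17:05 . 2010-04-03 17:05 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_point32k_01009.Wdf
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2010-02-28 15:30 . 2010-02-28 15:30 249856 ------w- c:\windows\Setup1.exe
.
"""

if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    print(f"{len(entries)} entries parsed")
    for e in review_candidates(entries):
        flags = "".join(f for f in ("h", "s") if f in e.attrs)
        print(f"{e.created:%Y-%m-%d %H:%M}  {e.size!s:>8}  [{flags}]  {e.path}")
```

Feeding the whole report in is just `parse_log(open(path, encoding="cp1252").read())`; the regex ignores every other line, so the section headers and the "." separators need no special handling.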
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Thanks. Attached is the screenshot.
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Excuse me for this question, but I am a bit new to forums. I took a screenshot and pasted it into a Word document so as not to lose it. How do I send it to you?
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Hello. The online scan is not available. Message from the site: "Coming soon: a new, even more powerful version of Kaspersky Online Scanner! Kaspersky Online Scanner is being updated; please excuse us. While waiting for the new, optimised version of Kaspersky Online Scanner, download a free trial version of Kaspersky Internet Security 2010, the antivirus solution that has every feature needed to use the Internet safely. Learn more..." Should I run a scan with a trial version?
[resolved] Windows security Alert
Nano07 replied to a topic by Nano07 in Malware analysis and removal
Thanks for your help. Attached is the report.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3950
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03/04/2010 21:07:08
mbam-log-2010-04-03 (21-07-08).txt

Scan type: Quick scan
Objects scanned: 112384
Time elapsed: 7 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Hello. For some time now, Internet Explorer has been redirecting me to pages that do not match what I asked for. They are generally ads (Wesdiscovers.com, Moodiva, online pharmacy). But above all, it regularly shows me a message "Warning! your computer is vulnerable to malware attacks". A (fake?) system scan runs, then a new message appears, "Windows security Alert". Finally I am offered a download of a file named Packupdate_build.231.exe. The download source is bestrev26pd.xorg.pl. My antivirus (Antivir) detects nothing. I have used specific tools such as Ad-Aware and Malwarebytes without success. Can you help me? Attached is the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:21, on 03/04/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://config.zebulon.fr/plugins/MaConfig_4_0_2_0.cab
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

--
End of file - 4760 bytes
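A HijackThis log like the one above is a list of typed entries (R0 start pages, O2 browser helper objects, O4 autoruns, O16 downloaded ActiveX controls, O23 services), and the questions a helper asks first are the same every time: what starts automatically and from where, and which registered services no longer point at a file. The parser below is an added example written for this page, not the HijackThis tool's own code nor anything posted in the thread. It splits each line into its fields with regular expressions derived from the entries above, reports O23 services marked "(file missing)", and flags O4 autoruns whose image lives in a user-writable location (AppData, Temp, Users\Public), which is where a dropped executable such as the Packupdate_build.231.exe the poster describes would typically land. All sample lines are copied from the log above except the `ExampleUpdater` line, which is constructed so the user-writable check has something to hit.

```python
import re
from collections import Counter
from typing import Dict, List, Optional

# Generic entry: "O4 - body", "R0 - body", ...
LINE_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.+)$")
# O4 autorun: "HKLM\..\Run: [name] command line"
O4_RE = re.compile(r"^(?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O2 BHO: "BHO: name - {CLSID} - path"
O2_RE = re.compile(r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
# O16 DPF: "DPF: {CLSID} (name) - url"
O16_RE = re.compile(r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]+\}) \((?P<name>[^)]*)\) - (?P<url>.+)$")
# O23 service: "Service: display (shortname) - vendor - path"; shortname is optional
O23_RE = re.compile(
    r"^Service: (?P<display>.+?)(?: \((?P<short>[^()]+)\))? - (?P<vendor>.+?) - (?P<path>.+)$"
)
# First executable-looking token of a command line, quoted or not
EXE_RE = re.compile(r'^"?(?P<image>[^"]*?\.(?:exe|dll|scr|com|bat|cmd|vbs|js))', re.IGNORECASE)
SUBPARSERS = {"O4": O4_RE, "O2": O2_RE, "O16": O16_RE, "O23": O23_RE}
# Path fragments that a standard user can write to
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "%temp%", "%appdata%")


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return a dict with 'code', 'body' and any type-specific fields, or None for non-entries."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = {"code": m["code"], "body": m["body"]}
    sub = SUBPARSERS.get(entry["code"])
    if sub:
        sm = sub.match(entry["body"])
        if sm:
            entry.update({k: v for k, v in sm.groupdict().items() if v is not None})
    return entry


def parse_hjt(text: str) -> List[Dict[str, str]]:
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def section_counts(entries: List[Dict[str, str]]) -> Counter:
    return Counter(e["code"] for e in entries)


def missing_services(entries: List[Dict[str, str]]) -> List[str]:
    """Display names of O23 services whose binary HijackThis could not find."""
    return [e["display"] for e in entries
            if e["code"] == "O23" and "(file missing)" in e.get("path", "")]


def image_path(cmd: str) -> Optional[str]:
    m = EXE_RE.match(cmd)
    return m["image"] if m else None


def user_writable_autoruns(entries: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """O4 autoruns whose image path sits in a location a standard user can write to."""
    hits = []
    for e in entries:
        if e["code"] != "O4" or "cmd" not in e:
            continue
        img = image_path(e["cmd"])
        if img and any(tok in img.lower() for tok in USER_WRITABLE):
            hits.append(e)
    return hits


# Lines copied from the posted log; the ExampleUpdater O4 line is constructed
# (hypothetical name and path) so the user-writable check has a positive case.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:21, on 03/04/2010
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ExampleUpdater] C:\Users\Adriano\AppData\Local\Temp\updater.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://config.zebulon.fr/plugins/MaConfig_4_0_2_0.cab
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
"""

if __name__ == "__main__":
    entries = parse_hjt(SAMPLE_LOG)
    print("entries per section:", dict(section_counts(entries)))
    print("services with missing binaries:", missing_services(entries))
    for e in user_writable_autoruns(entries):
        print(f"autorun from user-writable path: [{e['name']}] {image_path(e['cmd'])}")
```

The two heuristics are deliberately narrow: a missing service binary is usually leftover from an uninstall (the ComboFix report above lists the same Symantec drivers as deregistered), and an autorun under AppData or Temp is only a reason to check the file, since installers such as the Adobe AIR one in the file listing also write there.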