

Coolix
Members
Content count: 10

Everything posted by Coolix
Autorun infection problem Trojan Win32... [Heur]
Coolix replied to a topic by Coolix in Malware analysis and removal
Hi again. Thanks for your efficiency in any case!! Just about the Smad-Lock program: I didn't install it; before posting I only had Avast and Spybot, so maybe those programs did that? And can I delete that autorun folder? Regards
Autorun infection problem Trojan Win32... [Heur]
Coolix replied to a topic by Coolix in Malware analysis and removal
Good evening, below is the report.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Zaz' at 2010-08-05 00:16:00
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 12 GB (14%) free of 84 GB
Total RAM: 1015 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:16:09, on 05/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Zaz'\Bureau\RSIT.exe
C:\Program Files\trend micro\Zaz'.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.4.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://srv07.admin.over-blog.com/fdata/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242922962478
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242922950072
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 10602 bytes

======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-12-04 114688]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-12-17 622592]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-09-18 16855040]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
ImageMixer 3 SE Camera Monitor Ver.4.lnk - C:\Program Files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iTunes\iTunesHelper.exe"="C:\Program Files\iTunes\iTunesHelper.exe:*:Disabled:iTunesHelper"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 3 months======
2010-08-04 15:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-03 18:00:46 ----RASHD---- C:\Autorun.inf
2010-08-03 02:30:44 ----D---- C:\UsbFix
2010-08-03 01:56:00 ----SHD---- C:\RECYCLER
2010-08-03 01:23:24 ----A---- C:\ComboFix.txt
2010-08-03 01:12:55 ----A---- C:\Boot.bak
2010-08-03 01:12:49 ----RASHD---- C:\cmdcons
2010-08-03 01:08:05 ----D---- C:\WINDOWS\ERDNT
2010-08-02 22:56:59 ----D---- C:\Program Files\trend micro
2010-08-02 22:56:58 ----D---- C:\rsit
2010-07-30 18:53:51 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-30 18:53:50 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-30 18:53:50 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-30 18:53:50 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-30 18:53:45 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-30 18:53:41 ----D---- C:\Program Files\Avira
2010-07-30 18:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-30 04:00:35 ----D---- C:\Documents and Settings\Zaz'\Application Data\Malwarebytes
2010-07-30 04:00:19 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-30 04:00:17 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-30 04:00:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-30 04:00:16 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-30 01:41:44 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-07-30 01:41:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-30 01:21:50 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-07-29 14:35:47 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-07-18 04:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-06-13 18:48:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-13 18:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-13 18:46:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-13 18:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-13 18:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-13 18:44:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-08 09:47:59 ----A---- C:\WINDOWS\system32\javaws.exe
2010-06-08 09:47:59 ----A---- C:\WINDOWS\system32\javaw.exe
2010-06-08 09:47:59 ----A---- C:\WINDOWS\system32\java.exe
2010-06-08 09:47:59 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-05-26 19:50:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-26 19:49:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-18 10:10:46 ----D---- C:\Documents and Settings\Zaz'\Application Data\InterVideo

======List of files/folders modified in the last 3 months======
2010-08-05 00:16:00 ----D---- C:\WINDOWS\Prefetch
2010-08-05 00:10:38 ----D---- C:\WINDOWS\Temp
2010-08-05 00:10:32 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-05 00:09:47 ----D---- C:\WINDOWS
2010-08-05 00:08:04 ----D---- C:\WINDOWS\system32
2010-08-05 00:08:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-05 00:07:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 17:16:48 ----HD---- C:\WINDOWS\inf
2010-08-04 15:26:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-03 18:09:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-03 17:43:59 ----SHD---- C:\WINDOWS\Installer
2010-08-03 01:20:49 ----A---- C:\WINDOWS\system.ini
2010-08-03 01:20:34 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-03 01:16:46 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 01:16:46 ----D---- C:\WINDOWS\AppPatch
2010-08-03 01:16:36 ----D---- C:\Program Files\Fichiers communs
2010-08-03 01:12:56 ----RASH---- C:\boot.ini
2010-08-02 22:56:59 ----RD---- C:\Program Files
2010-08-02 22:50:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-08-01 13:04:54 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-08-01 12:00:31 ----A---- C:\WINDOWS\win.ini
2010-08-01 11:56:44 ----D---- C:\WINDOWS\pss
2010-08-01 02:17:36 ----D---- C:\Documents and Settings\Zaz'\Application Data\vlc
2010-07-30 18:52:32 ----D---- C:\WINDOWS\WinSxS
2010-07-30 18:12:36 ----D---- C:\Documents and Settings\Zaz'\Application Data\Orbit
2010-07-30 17:11:35 ----D---- C:\Documents and Settings
2010-07-30 10:49:24 ----D---- C:\Documents and Settings\All Users\Application Data\PIXELA
2010-07-30 10:49:17 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-30 10:49:17 ----D---- C:\Program Files\PIXELA
2010-07-30 10:47:43 ----D---- C:\Program Files\Canon
2010-07-30 10:47:35 ----D---- C:\Program Files\Google
2010-07-30 10:47:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-30 10:45:31 ----A---- C:\WINDOWS\imsins.BAK
2010-07-30 10:43:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-30 10:43:03 ----D---- C:\Documents and Settings\Zaz'\Application Data\Western Digital
2010-07-30 01:22:06 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-07-30 01:21:50 ----D---- C:\Program Files\Alwil Software
2010-07-28 19:40:25 ----D---- C:\Program Files\DOSBox-0.73
2010-07-27 08:30:01 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-26 19:24:38 ----D---- C:\Documents and Settings\Zaz'\Application Data\Skype
2010-07-22 09:57:09 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-07-07 16:58:05 ----D---- C:\Documents and Settings\Zaz'\Application Data\dvdcss
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-30 12:01:44 ----SD---- C:\Documents and Settings\Zaz'\Application Data\Microsoft
2010-06-27 21:08:03 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-27 21:07:57 ----RSD---- C:\WINDOWS\assembly
2010-06-13 18:45:37 ----D---- C:\Program Files\Internet Explorer
2010-06-13 18:45:19 ----D---- C:\WINDOWS\ie8updates
2010-06-09 01:50:54 ----D---- C:\Documents and Settings\Zaz'\Application Data\uTorrent
2010-06-08 09:47:52 ----D---- C:\Program Files\Java
2010-06-08 09:33:39 ----D---- C:\Program Files\uTorrent
2010-05-26 19:49:56 ----D---- C:\Program Files\Outlook Express
2010-05-06 12:33:44 ----A---- C:\WINDOWS\system32\wininet.dll
2010-05-06 12:33:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-05-06 12:33:43 ----A---- C:\WINDOWS\system32\occache.dll
2010-05-06 12:33:43 ----A---- C:\WINDOWS\system32\mstime.dll
2010-05-06 12:33:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-05-06 12:33:39 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-05-06 12:33:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-05-06 12:33:38 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-05-06 12:33:38 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-05-06 12:33:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-05-06 12:33:36 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-05-06 12:33:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-09-18 1326528]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-09-18 4816896]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-01 47360]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272]
S3 catchme;catchme; \??\C:\DOCUME~1\Zaz'\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-11-27 25216]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-20 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

Thanks also for the various links, very instructive. Regards, Coolix
Autorun infection problem Trojan Win32... [Heur]
Coolix replied to a topic by Coolix in Malware analysis and removal
Good evening, below is the report.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4388
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/08/2010 19:53:26
mbam-log-2010-08-04 (19-53-26).txt
Scan type: Full scan (C:\|D:\|F:\|G:\|H:\|I:\|J:\|)
Objects scanned: 323060
Time elapsed: 2 hour(s), 18 minute(s), 53 second(s)
Memory processes infected: 0
Memory modules infected: 0
Registry keys infected: 0
Registry values infected: 0
Registry data items infected: 0
Folders infected: 0
Files infected: 0
Memory processes infected: (No malicious items detected)
Memory modules infected: (No malicious items detected)
Registry keys infected: (No malicious items detected)
Registry values infected: (No malicious items detected)
Registry data items infected: (No malicious items detected)
Folders infected: (No malicious items detected)
Files infected: (No malicious items detected)

Apparently it found nothing, but I still have a "mane" folder on two drives. Should I delete them? Regards
Autorun Trojan Win32... [Heur] infection problem
Coolix replied to a topic by Coolix in Malware analysis and removal
Thanos, I have just sent you the link by PM.
Thanks, I managed to delete the folder.
I'm launching the MBAM scan and will post the report as soon as possible.
Regards
Autorun Trojan Win32... [Heur] infection problem
Coolix replied to a topic by Coolix in Malware analysis and removal
Hello Thanos,
First of all, I couldn't send you a PM, it doesn't work.
Next, I don't have a mane folder on G:. However, while exploring my various USB disks:
- On J: I have an autorun.inf folder on a USB key, inside which there is a folder con, then a folder aux, then a folder named nul. This autorun.inf is LOCKED by SMADΔV to protect your Flash-Disk from virus infection.
- On G: nothing abnormal...? (maybe a hidden file at the root of the disk called nikon001.dsc, but I think it's rather a file for my photos, although I don't have the impression it was there before...)
- On C: (the computer's hard disk) nothing abnormal
- On D: (partition of the main disk) nothing abnormal
- On F: a "mane" folder
- On I: a "mane" folder and a RECYCLE.BIN file
So I haven't run the MBAM scan yet, since I'm not sure (there is no mane folder to delete on G:).
Regards
Autorun Trojan Win32... [Heur] infection problem
Coolix replied to a topic by Coolix in Malware analysis and removal
Hello Thanos,
VirusTotal did detect a malware. Below is the log.

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2010.08.03.00 2010.08.03 -
AntiVir 8.2.4.32 2010.08.03 -
Antiy-AVL 2.0.3.7 2010.08.03 -
Authentium 5.2.0.5 2010.08.03 W32/Rimecud.I.gen!Eldorado
Avast 4.8.1351.0 2010.08.03 -
Avast5 5.0.332.0 2010.08.03 Win32:SuspBehav-C
AVG 9.0.0.851 2010.08.03 Cryptic.AQZ
BitDefender 7.2 2010.08.03 -
CAT-QuickHeal 11.00 2010.08.03 -
ClamAV 0.96.0.3-git 2010.08.03 -
Comodo 5631 2010.08.03 -
DrWeb 5.0.2.03300 2010.08.03 Trojan.Packed.20655
Emsisoft 5.0.0.36 2010.08.03 -
eSafe 7.0.17.0 2010.08.03 -
eTrust-Vet 36.1.7759 2010.08.03 -
F-Prot 4.6.1.107 2010.08.03 W32/Rimecud.I.gen!Eldorado
F-Secure 9.0.15370.0 2010.08.03 -
Fortinet 4.1.143.0 2010.08.02 -
GData 21 2010.08.03 -
Ikarus T3.1.1.84.0 2010.08.03 -
Jiangmin 13.0.900 2010.08.03 -
Kaspersky 7.0.0.125 2010.08.03 -
McAfee 5.400.0.1158 2010.08.03 -
McAfee-GW-Edition 2010.1 2010.08.03 Heuristic.BehavesLike.Win32.Spyware.H
Microsoft 1.6004 2010.08.03 -
NOD32 5337 2010.08.03 a variant of Win32/Kryptik.FRV
Norman 6.05.11 2010.08.03 -
nProtect 2010-08-03.01 2010.08.03 -
Panda 10.0.2.7 2010.08.03 -
PCTools 7.0.3.5 2010.08.03 -
Prevx 3.0 2010.08.03 -
Rising 22.59.01.04 2010.08.03 -
Sophos 4.56.0 2010.08.03 -
Sunbelt 6679 2010.08.03 -
SUPERAntiSpyware 4.40.0.1006 2010.08.03 -
Symantec 20101.1.1.7 2010.08.03 -
TheHacker 6.5.2.1.330 2010.08.03 -
TrendMicro 9.120.0.1004 2010.08.03 Mal_Palevo5
TrendMicro-HouseCall 9.120.0.1004 2010.08.03 Mal_Palevo5
VBA32 3.12.12.7 2010.08.02 Malware-Cryptor.Grygoryi.3
ViRobot 2010.8.3.3969 2010.08.03 -
VirusBuster 5.0.27.0 2010.08.03 -

Information additionnelle
File size: 150528 bytes
MD5...: 5baf7e3320e8144cc16e19d06b580ab2
SHA1..: 167772f4f723ba6c1be9bf178f20cbcb1c179327
SHA256: 5ce90ae1acd1d7c60f6a07c1fe655b4eb6cd415dd55aa7e20c59b78966e55daa
ssdeep: 3072:w/aFw0lIwuiEK71A2bOouNyhZ61GZTjVZ83ng3sNf5QV4sO:w/a5Iri1Vju E6wjvCtNf5kg
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4980
timedatestamp.....: 0x47dac55e (Fri Mar 14 18:35:10 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xda93 0xdc00 6.48 c21c671c36d5d9a83f8b490c56849a65
.rdata 0xf000 0x2c00 0x2c00 5.55 1bc197a0a0042f1557911e9962b29875
.data 0x12000 0x13af8 0x13c00 6.69 17c8c451a4e3bd664cfa72a3af2503cb
.rsrc 0x26000 0x1000 0x400 3.57 ce6a2c30413396344bd57d1dd86aee74
( 3 imports )
> kernel32.dll:
> MSVCRT.DLL:
> user32.dll:
( 0 exports )
RDS...: NSRL Reference Data Set -
pdfid.: -
trid..: Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
Symantec Reputation Network: Suspicious.Insight
Suspicious.Insight | Symantec
sigcheck:
publisher....: Hex-Rays SA
copyright....:
product......: The Interactive Disassembler
description..: The Interactive Disassembler
original name: IDAG.EXE
internal name: The Interactive Disassembler
file version.: 5.5.0.925
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

So I ran the UsbFix removal tool, but my PC did not restart. Below is the log.

############################## | UsbFix 7.018 | [suppression]
Utilisateur: Zaz' (Administrateur) # ZAVIETKA [ ]
Mis à jour le 29/07/10 par El Desaparecido / C_XX
Lancé à 17:54:27 | 03/08/2010
Site Web: Bienvenue dans nos Pages Persos
Contact: FindyKill.Contact@gmail.com
CPU: Intel® Atom CPU N280 @ 1.66GHz
CPU 2: Intel® Atom CPU N280 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
RAM -> 1015 Mo
C:\ (%systemdrive%) -> Disque fixe # 82 Go (11 Go libre(s) - 14%) [] # NTFS
D:\ -> Disque fixe # 62 Go (186 Mo libre(s) - 0%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 932 Go (452 Go libre(s) - 48%) [DD Externe] # NTFS
G:\ -> Disque amovible # 15 Go (3 Go libre(s) - 17%) [NIKON D90] # FAT32
H:\ -> CD-ROM
I:\ -> Disque fixe # 297 Go (32 Go libre(s) - 11%) [My Passport] # NTFS
J:\ -> Disque amovible # 4 Go (391 Mo libre(s) - 10%) [Lexar] # FAT32
################## | Éléments infectieux |
Non supprimé ! G:\mane\\\strane.exe
Supprimé! G:\Autorun.inf
Non supprimé ! H:\Autorun.inf
################## | Registre |
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ZAVIETKA.zip
Upload pour UsbFix, Ad-Remover & FindyKill
Merci de votre contribution.
################## | E.O.F |

What is the next step? Thank you very much.
Regards, Coolix
Autorun Trojan Win32... [Heur] infection problem
Coolix replied to a topic by Coolix in Malware analysis and removal
Below is the scan.

############################## | UsbFix 7.018 | [Recherche]
Utilisateur: Zaz' (Administrateur) # ZAVIETKA [ ]
Mis à jour le 29/07/10 par El Desaparecido / C_XX
Lancé à 02:34:38 | 03/08/2010
Site Web: Bienvenue dans nos Pages Persos
Contact: FindyKill.Contact@gmail.com
CPU: Intel® Atom CPU N280 @ 1.66GHz
CPU 2: Intel® Atom CPU N280 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
RAM -> 1015 Mo
C:\ (%systemdrive%) -> Disque fixe # 82 Go (11 Go libre(s) - 14%) [] # NTFS
D:\ -> Disque fixe # 62 Go (186 Mo libre(s) - 0%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque fixe # 932 Go (452 Go libre(s) - 48%) [DD Externe] # NTFS
G:\ -> Disque amovible # 15 Go (3 Go libre(s) - 17%) [NIKON D90] # FAT32
H:\ -> CD-ROM
I:\ -> Disque fixe # 297 Go (32 Go libre(s) - 11%) [My Passport] # NTFS
J:\ -> Disque amovible # 4 Go (391 Mo libre(s) - 10%) [Lexar] # FAT32
################## | Éléments infectieux |
Présent! G:\mane\\\strane.exe
Présent! G:\Autorun.inf
Présent! H:\Autorun.inf
################## | Registre |
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |

Results? It doesn't look great...
Thanks again, Coolix
Autorun Trojan Win32... [Heur] infection problem
Coolix replied to a topic by Coolix in Malware analysis and removal
Good evening again Thanos,
Thanks for your very responsive follow-up. Here is the report.

ComboFix 10-08-02.01 - Zaz' 03/08/2010 1:14.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.658 [GMT 2:00]
Lancé depuis: c:\documents and settings\Zaz'\Bureau\Coolix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrateur.ZAVIETKA\Application Data\nwvyyw.exe
c:\documents and settings\Zaz'\Application Data\nwvyyw.exe
c:\documents and settings\Zaz'\Recent\Thumbs.db
c:\windows\system32\376421
c:\windows\system32\376421\shell.fne
c:\windows\system32\376421\spec.fne
c:\windows\system32\807758
c:\windows\system32\Thumbs.db
F:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-07-02 au 2010-08-02 ))))))))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-12-04 114688]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-12-17 622592]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-21 94208]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-18 16855040]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-2 604776]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunesHelper.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [30/07/2010 18:53 108289]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/01/2010 18:50 691696]
.
Contenu du dossier 'Tâches planifiées'

2010-07-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-08-02 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-RealAlt_is1 - c:\program files\Video Convert Master\codec\real\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-03 01:20
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2010-08-03 01:23:23
ComboFix-quarantined-files.txt 2010-08-02 23:23

Avant-CF: 11 975 446 528 octets libres
Après-CF: 12 045 414 400 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

- - End Of File - - 8D2B8B9B2535913762AD6175D37D88B4

What do you make of it?
Regards, Coolix
Probleme infection Autorun Trojan Win32... [Heur]
Coolix a répondu à un(e) sujet de Coolix dans Analyses et éradication malwares
Good evening, Attached are the reports; apparently not everything has been fixed, I still get a tab opening unexpectedly in Firefox. Mbam log info rsit log rsit What is your opinion of these results? Thanks Regards Coolix
Autorun Trojan Win32... [Heur] infection problem
Coolix posted a topic in Analyses et éradication malwares
Hello, I realised that something nasty had installed itself on both my computers... and on my external hard drives as well... I had Avast, which found something, but I couldn't get rid of it; I removed Avast and installed Antivir, which finds nothing at all... Yet as soon as I plug in an external drive, an autorun file gets created, and sometimes even a strange folder in which I can't access the two other files (i386 and nvi something). I also get pages opening unexpectedly in Firefox to sites like "workinghabit.com". I also have Spybot Search & Destroy, which finds an Autorun trojan but apparently can't remove it. There you go, thanks in advance to whoever can help me, this thing is really starting to get on my nerves... Below is a HijackThis scan. Regards Coolix
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:04, on 31/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Zaz'\Bureau\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.4.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://srv07.admin.over-blog.com/fdata/iu/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242922962478
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242922950072
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
-- End of file - 10238 bytes