Fanoz

Everything posted by Fanoz

  1. Good evening, Here is the ComboFix report:
     ComboFix 10-09-12.04 - fanoz 13/09/2010 22:14:18.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1311 [GMT 2:00] Lancé depuis: c:\documents and settings\fanoz\Bureau\ComboFix.exe AV: McAfee AntiVirus et AntiSpyware *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\ARNAUD~1\LOCALS~1\Temp\clclean.0001.dir.0000\~df394b.tmp c:\docume~1\ARNAUD~1\LOCALS~1\Temp\sessmgr.exe c:\documents and settings\fanoz\Application Data\mqtgsvc.exe c:\documents and settings\fanoz\Local Settings\Application Data\Microsoft\ieudinit.exe c:\documents and settings\fanoz\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp c:\windows\comrepl.exe c:\windows\ieudinit.exe c:\windows\mstsc.exe c:\windows\My.ini c:\windows\sessmgr.exe c:\windows\system\cmstp.exe c:\windows\system\rsvp.exe c:\windows\system32\Data c:\windows\system32\drivers\comrepl.exe c:\windows\system32\logs c:\windows\system32\logs\{02084FA7-ADD8-4108-8836-E16B17FD37E4}.log . ((((((((((((((((((((((((((((( Fichiers créés du 2010-08-13 au 2010-09-13 )))))))))))))))))))))))))))))))))))) . 2010-09-10 19:50 . 2010-09-10 19:50 -------- d-----w- c:\program files\iPod 2010-09-10 19:46 . 2010-09-10 19:47 -------- d-----w- c:\program files\QuickTime 2010-09-10 19:43 . 2010-09-10 19:43 -------- d-----w- c:\program files\Bonjour 2010-09-10 19:40 . 2010-09-10 19:40 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe 2010-09-01 02:38 . 2010-07-09 14:26 475136 ----a-w- c:\documents and settings\All Users\Application Data\Dell\RMC\RMCCreationInfo.exe 2010-09-01 02:38 . 
2010-07-02 14:25 1118208 ------w- c:\documents and settings\All Users\Application Data\Dell\RMC\Libxml2.dll 2010-09-01 02:38 . 2010-07-02 14:25 60416 ----a-w- c:\documents and settings\All Users\Application Data\Dell\RMC\ZLib1.dll 2010-09-01 02:37 . 2010-08-17 18:10 372736 ------w- c:\documents and settings\All Users\Application Data\Dell\DSL\DSLCheck.exe 2010-08-25 19:51 . 2010-08-25 19:52 -------- d-----w- C:\da35e73114a6ec68195887 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-12 14:36 . 2010-05-30 21:23 -------- d-----w- c:\documents and settings\fanoz\Application Data\XnView 2010-09-11 18:55 . 2010-07-23 19:22 -------- d-----w- c:\documents and settings\fanoz\Application Data\vlc 2010-09-10 19:51 . 2009-06-17 21:28 -------- d-----w- c:\program files\iTunes 2010-09-10 19:50 . 2009-05-17 19:13 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-09-09 15:29 . 2009-03-21 17:53 -------- d-----w- c:\program files\Microsoft Silverlight 2010-09-07 18:57 . 2008-06-14 20:22 -------- d-----w- c:\program files\adslTV 2010-09-07 14:56 . 2007-11-06 21:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Dell 2010-08-25 19:52 . 2008-01-20 17:06 -------- d-----w- c:\program files\Windows Media Connect 2 2010-08-15 18:10 . 2007-01-29 23:13 66016 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-08-13 14:50 . 2010-08-13 14:50 -------- d-----w- c:\program files\Remove Empty Directories 2010-08-13 08:10 . 2005-09-01 05:53 85744 ----a-w- c:\windows\system32\perfc00C.dat 2010-08-13 08:10 . 2005-09-01 05:53 512206 ----a-w- c:\windows\system32\perfh00C.dat 2010-08-10 17:39 . 2007-11-02 20:26 50280 ---ha-w- c:\windows\system32\mlfcache.dat 2010-08-06 17:26 . 2010-08-06 17:26 -------- d-----w- c:\documents and settings\fanoz\Application Data\Malwarebytes 2010-08-06 17:25 . 
2010-08-06 17:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-06 17:25 . 2010-08-06 17:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-06 06:11 . 2010-08-06 06:11 503808 ----a-w- c:\documents and settings\fanoz\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-210319c4-n\msvcp71.dll 2010-08-06 06:11 . 2010-08-06 06:11 61440 ----a-w- c:\documents and settings\fanoz\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c6c57e2-n\decora-sse.dll 2010-08-06 06:11 . 2010-08-06 06:11 499712 ----a-w- c:\documents and settings\fanoz\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-210319c4-n\jmc.dll 2010-08-06 06:11 . 2010-08-06 06:11 348160 ----a-w- c:\documents and settings\fanoz\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-210319c4-n\msvcr71.dll 2010-08-06 06:11 . 2010-08-06 06:11 12800 ----a-w- c:\documents and settings\fanoz\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c6c57e2-n\decora-d3d.dll 2010-08-02 19:35 . 2008-05-25 15:25 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-30 18:50 . 2010-07-30 18:48 -------- d-----w- c:\program files\XBMC 2010-07-30 18:50 . 2010-07-30 18:48 -------- d-----w- c:\documents and settings\fanoz\Application Data\XBMC 2010-07-30 18:14 . 2010-07-30 18:14 -------- d-----w- c:\program files\FreeMi UPnP Media Server 2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-07-23 06:32 . 2008-01-25 22:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom 2010-07-23 06:30 . 2010-01-29 19:02 -------- d-----w- c:\program files\McAfee 2010-07-21 06:23 . 2009-04-16 18:25 -------- d-----w- c:\program files\eMule 2010-07-19 19:40 . 2008-02-10 22:32 -------- d-----w- c:\documents and settings\fanoz\Application Data\FileZilla 2010-07-18 19:31 . 
2007-03-31 20:57 -------- d-----w- c:\documents and settings\fanoz\Application Data\dvdcss 2010-07-16 06:56 . 2008-02-10 22:18 -------- d-----w- c:\program files\FileZilla FTP Client 2010-06-30 12:32 . 2005-09-01 05:53 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:25 . 2005-09-01 05:53 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2005-09-01 05:53 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2005-09-01 05:53 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2005-09-01 05:53 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-04-27 15:16 . 2010-04-13 18:05 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll 2007-11-08 19:03 . 2007-02-06 06:44 168 --sh--r- c:\windows\system32\5B56CF0460.sys 2006-05-03 09:06 . 2010-01-27 21:12 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-11-08 19:03 . 2007-02-06 06:44 7826 --sha-w- c:\windows\system32\KGyGaAvL.sys 2007-02-21 10:47 . 2010-01-27 21:12 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2010-01-27 21:12 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576] "DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-28 395776] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "Google Update"="c:\documents and settings\fanoz\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552] "CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344] "MBMon"="CTMBHA.DLL" [2006-06-28 1355042] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-02-16 1118208] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940] "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952] "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] 
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-24 1193848] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\fanoz\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^fanoz^Menu Démarrer^Programmes^Démarrage^WinMySQLadmin.lnk] path=c:\documents and settings\fanoz\Menu Démarrer\Programmes\Démarrage\WinMySQLadmin.lnk backup=c:\windows\pss\WinMySQLadmin.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher] 2005-10-05 03:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] 2007-01-29 23:10 169984 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2008-09-02 20:24 133104 ----atw- c:\documents and settings\fanoz\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-01 06:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2007-05-28 08:14 528384 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-05-10 17:21 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"= "c:\\Program Files\\utorrent\\utorrent.exe"= "c:\\Program Files\\adslTV\\adslTV.exe"= 
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Documents and Settings\\fanoz\\Local Settings\\Application Data\\F4\\ClientUpdater\\Install.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\Empire Of Sports\\NetworkDiagnostic.exe"= "c:\\Program Files\\Empire Of Sports\\EmpireOfSports.exe"= "c:\\Documents and Settings\\fanoz\\Local Settings\\Application Data\\F4\\ClientUpdater\\ClientUpdater.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Spotify\\spotify.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"= "c:\\Program Files\\Fichiers communs\\McAfee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "10421:UDP"= 10421:UDP:SingleClick Discovery Protocol "10426:UDP"= 10426:UDP:SingleClick ICC "13537:TCP"= 13537:TCP:BitComet 13537 TCP "13537:UDP"= 13537:UDP:BitComet 13537 UDP "27164:TCP"= 27164:TCP:BitComet 27164 TCP "27164:UDP"= 27164:UDP:BitComet 27164 UDP R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [13/04/2010 20:05 82952] R2 Apache2.2;Apache2.2;c:\mariage\xampplite\apache\bin\httpd.exe [24/04/2010 16:00 29416] R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [14/07/2006 03:01 13824] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [29/01/2010 21:04 88176] R2 McMPFSvc;Service McAfee Personal Firewall;"c:\program files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [13/04/2010 20:05 271480] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [13/04/2010 20:05 271480] R2 mfefire;McAfee Firewall Core Service;c:\program files\Fichiers communs\McAfee\SystemCore\mfefire.exe [13/04/2010 20:05 188136] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [13/04/2010 20:05 141792] R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [14/07/2006 03:02 13696] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [13/04/2010 20:05 55456] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [13/04/2010 20:05 312616] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [13/04/2010 20:05 88480] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 14:49 227232] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [13/04/2010 20:05 88480] S3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [13/04/2010 20:05 83496] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07/04/2008 19:51 717296] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mfeavfk01 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contenu du dossier 'Tâches planifiées' 2010-09-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-99119568-3180119901-878157194-1005Core.job - c:\documents and settings\fanoz\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 20:24] 2010-09-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-99119568-3180119901-878157194-1005UA.job - c:\documents and settings\fanoz\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 20:24] 2010-09-13 c:\windows\Tasks\User_Feed_Synchronization-{19712C74-BDA3-4EC6-B880-C8C89890678B}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Examen supplémentaire ------- . 
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = local;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 DPF: {DF9C24D1-030E-49ED-5EB5-D6610086C313} - hxxp://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab FF - ProfilePath - c:\documents and settings\fanoz\Application Data\Mozilla\Firefox\Profiles\fl4rlnez.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - component: c:\documents and settings\fanoz\Application Data\Mozilla\Firefox\Profiles\fl4rlnez.default\extensions\twitternotifier@naan.net\platform\WINNT\components\nsTwitterFoxSign.dll FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll FF - plugin: c:\documents and settings\fanoz\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: c:\program files\Virtools\3D Life Player\npvirtools.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows 
Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-nwiz - nwiz.exe HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe HKLM-Explorer_Run-ComRepl - c:\windows\System32\drivers\comrepl.exe HKLM-Explorer_Run-Mstsc - c:\windows\mstsc.exe HKLM-Explorer_Run-CmSTP - c:\windows\System\cmstp.exe HKLM-Explorer_Run-IEudinit - c:\windows\ieudinit.exe HKU-Default-Explorer_Run-ComRepl - c:\windows\comrepl.exe MSConfigStartUp-AppleSyncNotifier - c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-13 22:20 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
Heure de fin: 2010-09-13 22:22:25 ComboFix-quarantined-files.txt 2010-09-13 20:22 Avant-CF: 95 502 241 792 octets libres Après-CF: 95 620 407 296 octets libres - - End Of File - - 36654A3479BF076F20988F49CF117B0C
  2. The McAfee Firewall informs me that a program on my computer is trying to access the Internet. This program is named TODO: and is located in the same place as the Trojan horse. C:\Documents and Settings\fanoz\Local Settings\Temp\~temp\hmml109\csrss.exe I always block it but it comes back. What should I do? Thanks in advance
  3. Well, no, the problem has come back. The Trojan horse is quarantined by McAfee in the folder: C:\Documents and Settings\fanoz\Local Settings\Temp\~temp\spcrupl02\smss.exe. It is even quarantined in other folders. It changes quite often. I am not sure I completely disabled McAfee during the MBAM scan. Do you think that could have played a part? Thanks in advance for your help!
  4. Thanks for your help, Here is the 2nd report:
     Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4399 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 06/08/2010 23:10:11 mbam-log-2010-08-06 (23-10-11).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 296650 Temps écoulé: 2 heure(s), 3 minute(s), 24 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 8 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 10 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cmstp (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mqtgsvc (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ieudinit (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\esent utl (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\dllhst (Trojan.Downloader) -> Quarantined and deleted successfully. 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\clipsrv (Trojan.Downloader) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\Save (Adware.WhenU) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\Arnaud Nicolas\Mes documents\u98.exe (Adware.UltraReach) -> Quarantined and deleted successfully. C:\Program Files\Save\ffext.mod (Adware.WhenU) -> Quarantined and deleted successfully. C:\Documents and Settings\Arnaud Nicolas\Application Data\sessmgr.exe (Trojan.Zaplo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\cmstp.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\spoolsv.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\mqtgsvc.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system\comrepl.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system\ieudinit.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Arnaud Nicolas\Local Settings\Temp\esentutl.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Arnaud Nicolas\Local Settings\Application Data\clipsrv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
  5. Hello, McAfee detects the Artemis trojan. It seems to delete it but it always comes back. It seems to be located in the file csrss.exe. Here is my HijackThis report:
     Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:45:48, on 05/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System\rsvp.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\stsystra.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\clclean.0001 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dell Support\DSAgnt.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Documents and Settings\Arnaud Nicolas\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe C:\mariage\xampplite\apache\bin\httpd.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe C:\WINDOWS\system32\CTsvcCDA.exe 
C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\mariage\xampplite\apache\bin\httpd.exe C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe C:\mariage\xampplite\mysql\bin\mysqld.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe C:\Program Files\iTunes\iTunes.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Arnaud Nicolas\Mes documents\Téléchargements\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : 
Hotmail, Messenger, Actualité, Sport et Vidéo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
F3 - REG:win.ini: load=C:\WINDOWS\System\rsvp.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {7418E5F5-0E48-4144-8F92-5CA791C82396} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20100518204556.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DE713078-8012-4B75-92BA-398D4642A64B} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Arnaud Nicolas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [Esent Utl] C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\esentutl.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\DOCUME~1\ARNAUD~1\LOCALS~1\Temp\dllhst3g.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [MqtgSVC] C:\WINDOWS\mqtgsvc.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [spool] C:\WINDOWS\System32\drivers\spoolsv.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [CmSTP] C:\WINDOWS\System32\drivers\cmstp.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\ARNAUD~1\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [spool] C:\WINDOWS\System32\drivers\spoolsv.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [spool] C:\WINDOWS\System32\drivers\spoolsv.exe /waitservice (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {A573D71B-951B-4BAD-B8CC-708AE84769C9} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {DF9C24D1-030E-49ED-5EB5-D6610086C313} - http://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\mariage\xampplite\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: MySQL - MySQL AB - C:\mariage\xampplite\mysql\bin\mysqld.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
-- End of file - 16568 bytes

Can you help me eradicate it? Thanks in advance!