Everything posted by jgui9

  1. ---- 23.09.12 - 15h00 ---- ComboFix report: I am at a loss, can someone help me??? ---- 23.09.12 - 15h17 ---- ---- 23.09.12 - 15h20 ---- Thanks in advance for your help.