Quick analysis of my PC, please

Report analysis and disinfection section: malware of all kinds and other unwanted software. Cleanup requests only. Restricted handling: specialized team.


Re: Quick analysis of my PC, please

Post by xeolutyl » 10 Jan 2009 22:34

Here are the reports:

Logfile of random's system information tool 1.05 (written by random/random)
Run by User at 2009-01-10 22:32:23
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 11 GB (8%) free of 146 GB
Total RAM: 2046 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:36, on 10/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Satsuki Decoder Pack\MPC\mplayerc.exe
C:\Users\User\Downloads\RSIT(2).exe
C:\Program Files\Trend Micro\HijackThis\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSIF8F8.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10482 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-15 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-07-18 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-15 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-10-09 729088]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"CognizanceTS"=c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [2003-12-22 17920]
"WireLessMouse"=C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe [2007-03-06 212992]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-04 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-04 92704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2008-11-12 2511672]

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MaxTV.lnk - C:\Program Files\DMV\MaxTV4\maxtv.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{130666a1-aeb3-11dd-b54b-001a6bad5509}]
shell\AutoRun\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\usbsecure.exe
shell\open\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\usbsecure.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26ea6dd3-a76a-11dd-8a51-001a6bad5509}]
shell\AutoRun\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\usbsecure.exe
shell\open\command - RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\usbsecure.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e2b4623-78b7-11dd-9ba4-001a6bad5509}]
shell\AutoRun\command - G:\win32\autoplay.exe


======File associations======

.reg - open - regedit.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-01-10 22:07:46 ----D---- C:\ProgramData\Azureus
2009-01-10 22:07:42 ----D---- C:\Users\User\AppData\Roaming\Azureus
2009-01-10 22:07:42 ----D---- C:\Program Files\AskBarDis
2009-01-10 22:07:09 ----D---- C:\Program Files\Vuze
2009-01-10 19:41:55 ----A---- C:\Windows\system32\WS2Fix.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\VCCLSID.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\VACFix.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\swxcacls.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\swsc.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\swreg.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\SrchSTS.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\Process.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\o4Patch.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\IEDFix.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\IEDFix.C.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\dumphive.exe
2009-01-10 19:41:55 ----A---- C:\Windows\system32\404Fix.exe
2009-01-10 14:06:07 ----D---- C:\Users\User\AppData\Roaming\SystemRequirementsLab
2009-01-07 16:58:05 ----D---- C:\Program Files\Super Internet TV
2009-01-05 22:08:58 ----D---- C:\Program Files\Encyclopédie Médicale Française
2009-01-05 22:08:12 ----A---- C:\Windows\IsUn040c.exe
2009-01-03 14:21:36 ----D---- C:\Program Files\Ubisoft
2009-01-03 10:09:46 ----RHD---- C:\Users\User\AppData\Roaming\SecuROM
2009-01-03 09:56:17 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-01-03 09:56:00 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-01-03 09:56:00 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-01-03 09:55:58 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-01-03 09:55:58 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-01-03 09:55:58 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-01-03 09:55:58 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-01-03 09:55:58 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-01-03 09:55:57 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-01-03 09:55:57 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-01-03 09:55:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-01-03 09:55:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-01-03 09:55:56 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-01-03 09:55:56 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-01-03 09:55:56 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-01-03 09:55:54 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-01-03 09:55:54 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-01-03 09:55:54 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-01-03 09:55:53 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-01-03 09:55:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-01-03 09:55:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-01-03 09:55:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-01-03 09:55:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-01-03 09:55:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-01-03 09:55:51 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-01-03 09:55:51 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-01-03 09:55:49 ----A---- C:\Windows\system32\xinput1_3.dll
2009-01-03 09:55:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-01-03 09:55:48 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-01-03 09:55:47 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-01-03 09:55:47 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-01-03 09:55:45 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-01-03 09:55:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-01-03 09:55:44 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-01-03 09:55:44 ----A---- C:\Windows\system32\d3dx10.dll
2009-01-03 09:55:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-01-03 09:55:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-01-03 09:55:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-01-03 09:55:39 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-01-03 09:55:38 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-01-03 09:55:37 ----A---- C:\Windows\system32\xinput1_2.dll
2009-01-03 09:55:37 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-01-03 09:55:36 ----A---- C:\Windows\system32\xinput1_1.dll
2009-01-03 09:55:36 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-01-03 09:55:19 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-01-03 09:55:19 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-01-03 09:55:19 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-01-03 09:55:18 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-01-03 09:55:16 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-01-03 09:55:15 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-01-03 09:55:14 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-01-03 09:55:13 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-01-03 09:55:11 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-01-03 09:53:18 ----A---- C:\Windows\system32\pbsvc.exe
2009-01-02 19:15:03 ----D---- C:\Program Files\VirtualDubMOD
2009-01-02 10:28:40 ----D---- C:\ProgramData\NVIDIA
2009-01-01 11:44:09 ----HDC---- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR
2009-01-01 08:36:47 ----D---- C:\Program Files\Happyneuron
2009-01-01 08:31:54 ----D---- C:\ProgramData\BVRP Software
2008-12-31 09:06:11 ----D---- C:\Program Files\Bonjour
2008-12-29 07:39:21 ----D---- C:\Program Files\uTorrent
2008-12-20 15:39:13 ----D---- C:\Program Files\Sudoku
2008-12-20 10:49:09 ----D---- C:\ProgramData\Avira
2008-12-20 10:49:09 ----D---- C:\Program Files\Avira
2008-12-19 18:56:53 ----A---- C:\Windows\_MSRSTRT.EXE
2008-12-18 16:27:07 ----A---- C:\Windows\system32\mshtml.dll
2008-12-18 10:14:43 ----D---- C:\Users\User\AppData\Roaming\Thunderbird
2008-12-18 10:13:30 ----D---- C:\Program Files\Mozilla Thunderbird 3 Beta 1
2008-12-15 10:48:10 ----A---- C:\Windows\system32\javaws.exe
2008-12-15 10:48:10 ----A---- C:\Windows\system32\javaw.exe
2008-12-15 10:48:10 ----A---- C:\Windows\system32\java.exe
2008-12-15 10:48:10 ----A---- C:\Windows\system32\deploytk.dll
2008-12-15 09:50:12 ----D---- C:\Program Files\Secunia
2008-12-12 23:36:45 ----D---- C:\ProgramData\SpeedBit
2008-12-12 23:36:40 ----D---- C:\Program Files\DAP
2008-12-12 17:11:41 ----A---- C:\Windows\system32\tzres.dll
2008-12-12 13:28:05 ----A---- C:\Windows\system32\gdi32.dll
2008-12-12 13:28:02 ----A---- C:\Windows\explorer.exe
2008-12-12 13:27:57 ----A---- C:\Windows\system32\shell32.dll
2008-12-12 13:27:48 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-12 13:27:47 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-12 13:27:40 ----A---- C:\Windows\system32\urlmon.dll
2008-12-12 13:27:39 ----A---- C:\Windows\system32\wininet.dll
2008-12-12 13:27:39 ----A---- C:\Windows\system32\mstime.dll
2008-12-12 13:27:39 ----A---- C:\Windows\system32\ieframe.dll
2008-12-12 13:27:38 ----A---- C:\Windows\system32\iertutil.dll
2008-12-12 13:27:37 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-12 13:27:33 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-12 13:27:33 ----A---- C:\Windows\system32\mf.dll
2008-12-12 13:27:32 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-12 13:27:32 ----A---- C:\Windows\system32\logagent.exe
2008-12-12 11:18:16 ----A---- C:\Windows\system32\dns-sd.exe
2008-12-12 11:11:46 ----A---- C:\Windows\system32\dnssd.dll
2008-12-11 18:43:39 ----D---- C:\Users\User\AppData\Roaming\Apple Computer
2008-12-11 18:43:15 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-11 18:43:15 ----A---- C:\Windows\system32\GEARAspi.dll
2008-12-11 18:42:44 ----D---- C:\Program Files\iPod
2008-12-11 18:42:42 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-11 18:42:42 ----D---- C:\Program Files\iTunes
2008-12-11 18:41:08 ----D---- C:\Program Files\QuickTime
2008-12-11 18:41:07 ----D---- C:\ProgramData\Apple Computer
2008-12-11 18:40:34 ----D---- C:\Program Files\Apple Software Update
2008-12-11 18:39:13 ----D---- C:\ProgramData\Apple
2008-12-11 18:39:13 ----D---- C:\Program Files\Common Files\Apple

======List of files/folders modified in the last 1 months======

2009-01-10 22:32:35 ----D---- C:\Windows\Prefetch
2009-01-10 22:32:27 ----D---- C:\Windows\temp
2009-01-10 22:07:46 ----HD---- C:\ProgramData
2009-01-10 22:07:42 ----RD---- C:\Program Files
2009-01-10 20:48:35 ----D---- C:\Windows\tracing
2009-01-10 19:41:55 ----D---- C:\Windows\System32
2009-01-10 19:41:51 ----D---- C:\Program Files\Mozilla Firefox
2009-01-10 19:12:45 ----D---- C:\bitcomet download
2009-01-10 15:29:38 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2009-01-10 09:16:45 ----D---- C:\Windows\inf
2009-01-10 09:16:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-10 08:04:44 ----SHD---- C:\System Volume Information
2009-01-08 21:44:21 ----D---- C:\Windows\Minidump
2009-01-08 21:44:21 ----D---- C:\WINDOWS
2009-01-08 16:01:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-08 16:01:37 ----D---- C:\Windows\system32\drivers
2009-01-07 17:13:30 ----AD---- C:\ProgramData\TEMP
2009-01-03 14:35:50 ----RSD---- C:\Windows\assembly
2009-01-03 14:35:00 ----SHD---- C:\Windows\Installer
2009-01-03 14:35:00 ----HD---- C:\Config.Msi
2009-01-03 14:33:58 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-01-03 14:21:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-02 19:33:07 ----D---- C:\Windows\Tasks
2009-01-02 10:17:06 ----D---- C:\Windows\system32\catroot
2009-01-02 10:14:49 ----D---- C:\Windows\system32\catroot2
2009-01-01 11:46:30 ----D---- C:\Windows\system32\config
2008-12-31 07:37:25 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2008-12-30 12:47:11 ----D---- C:\Windows\system32\Tasks
2008-12-29 22:43:24 ----D---- C:\Users\User\AppData\Roaming\Pro Cycling Manager 2008
2008-12-25 15:41:42 ----D---- C:\Windows\system32\WDI
2008-12-23 21:15:09 ----D---- C:\Program Files\Common Files
2008-12-18 23:03:57 ----D---- C:\Users\User\AppData\Roaming\SolidDocuments
2008-12-18 23:01:19 ----D---- C:\Users\User\AppData\Roaming\Image Zone Express
2008-12-18 16:27:37 ----D---- C:\Windows\winsxs
2008-12-15 10:47:36 ----D---- C:\Program Files\Java
2008-12-12 17:48:36 ----D---- C:\Windows\rescache
2008-12-12 17:29:55 ----D---- C:\Windows\system32\fr-FR
2008-12-12 17:29:55 ----D---- C:\Windows\AppPatch
2008-12-12 17:29:55 ----D---- C:\Program Files\Windows Mail
2008-12-12 17:16:23 ----D---- C:\ProgramData\Microsoft Help
2008-12-11 18:41:53 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2008-09-18 3468904]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-04-08 54272]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-18 19456]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-18 29184]
R3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2007-01-02 78128]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-01-02 80688]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-02 16560]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
R3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2008-03-22 17024]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-04 7606688]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\Windows\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\Windows\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 arz7jgh3;arz7jgh3; C:\Windows\system32\drivers\arz7jgh3.sys []
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-18 220160]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2008-11-18 7808]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2008-03-28 208896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-04 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-09-16 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-01-03 107832]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool; C:\Windows\Installer\MSIF8F8.tmp [2008-11-04 189688]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2008-09-18 304528]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-18 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

-----------------EOF-----------------
xeolutyl
Libellulien Junior
 
Posts: 185
Joined: 07 Nov 2008 14:44

Re: small analysis of my PC please

Post by Falkra » 10 Jan 2009 22:38

There is a problem here: my changes are not going through and are not being applied by your PC.

The following software is to be used only when prescribed by a helper who is qualified and trained on the tool.
Do not use it outside of that situation or on your own: dangerous.

Download combofix.exe by sUBs and save it to your desktop (and nowhere else).
  • Make sure all programs are closed before you start.
  • Double-click combofix.exe to run it.
  • Click "Yes" on the Disclaimer of Warranty message that appears.
  • If you are prompted to restart because a rootkit was found, do it.
  • You will be offered to download and install the Recovery Console; click "Yes" on the message, allow the download in your firewall if asked, then accept the end-user license agreement message.
  • The desktop disappears, that is normal, and it will come back.
  • Do not close the window that opens, or you would end up with an empty desktop.
  • When the scan is finished, a report will appear.
  • Copy and paste this report into your next reply.
    The report is located at: C:\Combofix.txt (just in case).
Falkra
Admin libellules.ch
 
Posts: 25882
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1

Re: small analysis of my PC please

Post by xeolutyl » 11 Jan 2009 11:28

ComboFix 09-01-10.03 - User 2009-01-11 10:50:31.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2046.1206 [GMT 1:00]
Lancé depuis: c:\users\User\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-11 au 2009-01-11 ))))))))))))))))))))))))))))))))))))
.

2009-01-10 22:07 . 2009-01-11 10:16 <REP> d-------- c:\users\User\AppData\Roaming\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\users\All Users\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\programdata\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\program files\Vuze
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\program files\AskBarDis
2009-01-10 14:06 . 2009-01-10 14:06 <REP> d-------- c:\users\User\AppData\Roaming\SystemRequirementsLab
2009-01-07 16:58 . 2009-01-07 16:58 <REP> d-------- c:\program files\Super Internet TV
2009-01-05 22:08 . 2009-01-05 22:08 <REP> d-------- c:\program files\Encyclopédie Médicale Française
2009-01-05 22:08 . 1997-05-29 16:26 316,416 --a------ c:\windows\IsUn040c.exe
2009-01-03 14:21 . 2009-01-03 14:21 <REP> d-------- c:\program files\Ubisoft
2009-01-03 10:09 . 2009-01-03 10:09 <REP> dr-h----- c:\users\User\AppData\Roaming\SecuROM
2009-01-03 09:56 . 2008-05-30 14:19 507,400 --a------ c:\windows\System32\XAudio2_1.dll
2009-01-03 09:56 . 2009-01-03 09:56 107,888 --a------ c:\windows\System32\CmdLineExt.dll
2009-01-03 09:56 . 2008-05-30 14:17 65,032 --a------ c:\windows\System32\XAPOFX1_0.dll
2009-01-03 09:53 . 2009-01-03 14:33 2,250,024 --a------ c:\windows\System32\pbsvc.exe
2009-01-02 19:15 . 2009-01-02 19:17 <REP> d-------- c:\program files\VirtualDubMOD
2009-01-02 10:28 . 2009-01-02 10:28 <REP> d-------- c:\users\All Users\NVIDIA
2009-01-02 10:28 . 2009-01-02 10:28 <REP> d-------- c:\programdata\NVIDIA
2009-01-02 10:16 . 2009-01-10 14:06 27,744 --a------ c:\users\All Users\nvModes.dat
2009-01-02 10:16 . 2009-01-10 14:06 27,744 --a------ c:\programdata\nvModes.dat
2009-01-01 11:44 . 2009-01-01 11:51 <REP> d--h-c--- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR
2009-01-01 08:36 . 2009-01-01 08:36 <REP> d-------- c:\program files\Happyneuron
2009-01-01 08:31 . 2009-01-01 08:31 <REP> d-------- c:\users\All Users\BVRP Software
2009-01-01 08:31 . 2009-01-01 08:31 <REP> d-------- c:\programdata\BVRP Software
2008-12-31 09:06 . 2008-12-31 09:06 <REP> d-------- c:\program files\Bonjour
2008-12-29 07:39 . 2008-12-29 07:39 <REP> d-------- c:\program files\uTorrent
2008-12-20 15:39 . 2008-12-20 18:53 <REP> d-------- c:\program files\Sudoku
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\users\All Users\Avira
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\programdata\Avira
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\program files\Avira
2008-12-19 18:56 . 2008-12-19 18:56 2,560 --a------ c:\windows\_MSRSTRT.EXE
2008-12-18 10:14 . 2008-12-18 10:14 <REP> d-------- c:\users\User\AppData\Roaming\Thunderbird
2008-12-18 10:14 . 2008-12-18 10:14 0 --a------ c:\windows\nsreg.dat
2008-12-18 10:13 . 2008-12-18 10:14 <REP> d-------- c:\program files\Mozilla Thunderbird 3 Beta 1
2008-12-15 10:48 . 2008-12-15 10:47 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-15 09:50 . 2008-12-15 09:50 <REP> d-------- c:\program files\Secunia
2008-12-12 23:36 . 2008-12-19 18:56 <REP> d-------- c:\users\All Users\SpeedBit
2008-12-12 23:36 . 2008-12-19 18:56 <REP> d-------- c:\programdata\SpeedBit
2008-12-12 23:36 . 2008-12-19 18:59 <REP> d-------- c:\program files\DAP
2008-12-12 17:11 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-12 13:28 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2008-12-12 13:28 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\System32\dns-sd.exe
2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\System32\dnssd.dll
2008-12-11 18:43 . 2008-12-11 18:43 <REP> d----c--- c:\windows\System32\DRVSTORE
2008-12-11 18:43 . 2008-12-11 18:43 <REP> d-------- c:\users\User\AppData\Roaming\Apple Computer
2008-12-11 18:43 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2008-12-11 18:43 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\program files\iTunes
2008-12-11 18:42 . 2008-12-11 18:42 <REP> d-------- c:\program files\iPod
2008-12-11 18:41 . 2008-12-11 18:42 <REP> d-------- c:\users\All Users\Apple Computer
2008-12-11 18:41 . 2008-12-11 18:42 <REP> d-------- c:\programdata\Apple Computer
2008-12-11 18:41 . 2008-12-11 18:41 <REP> d-------- c:\program files\QuickTime
2008-12-11 18:40 . 2008-12-11 18:40 <REP> d-------- c:\program files\Apple Software Update
2008-12-11 18:39 . 2008-12-11 18:39 <REP> d-------- c:\users\All Users\Apple
2008-12-11 18:39 . 2008-12-11 18:39 <REP> d-------- c:\programdata\Apple
2008-12-11 18:39 . 2008-12-11 18:42 <REP> d-------- c:\program files\Common Files\Apple

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 09:02 --------- d-----w c:\users\User\AppData\Roaming\uTorrent
2009-01-08 15:01 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-07 16:13 --------- d---a-w c:\programdata\TEMP
2009-01-05 21:08 --------- d-----w c:\program files\Encyclopédie Médicale Française
2009-01-04 17:38 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-04 17:38 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-03 13:34 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-03 13:34 22,328 ----a-w c:\users\User\AppData\Roaming\PnkBstrK.sys
2009-01-03 13:33 107,832 ----a-w c:\windows\System32\PnkBstrB.exe
2009-01-03 13:21 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-31 23:39 27,240 ----a-w c:\users\User\AppData\Roaming\nvModes.dat
2008-12-29 21:43 --------- d-----w c:\users\User\AppData\Roaming\Pro Cycling Manager 2008
2008-12-18 22:03 --------- d-----w c:\users\User\AppData\Roaming\SolidDocuments
2008-12-18 22:01 --------- d-----w c:\users\User\AppData\Roaming\Image Zone Express
2008-12-15 09:47 --------- d-----w c:\program files\Java
2008-12-12 16:29 --------- d-----w c:\program files\Windows Mail
2008-12-12 16:16 --------- d-----w c:\programdata\Microsoft Help
2008-12-04 15:35 --------- d-----w c:\program files\Common Files\HP
2008-12-04 15:34 --------- d-----w c:\program files\HP
2008-12-04 15:04 --------- d-----w c:\users\User\AppData\Roaming\Printer Info Cache
2008-12-01 10:24 --------- d-----w c:\program files\BitComet
2008-12-01 09:48 --------- d-----w c:\programdata\eMule
2008-12-01 09:40 --------- d-----w c:\program files\OpenOffice.org 3
2008-11-30 18:59 --------- d-----w c:\programdata\79a7c93
2008-11-20 18:52 --------- d-----w c:\programdata\Roxio
2008-11-18 13:36 7,808 ----a-w c:\windows\system32\drivers\psi_mf.sys
2008-11-17 15:29 --------- d-----w c:\programdata\Yahoo!
2008-11-17 15:27 --------- d-----w c:\program files\Yahoo!
2008-11-17 14:40 3,668,480 ----a-w c:\windows\system32\drivers\NETw5v32.sys
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
2008-07-22 22:40 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2008-11-12 2511672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"WireLessMouse"="c:\program files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe" [2007-03-06 212992]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4D299392-1501-489F-B8A4-BE2390105666}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{2B8086C9-DF45-436B-84F9-CA6304A21ED3}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{5343604F-01F3-4759-9F6F-E9F1D1A5C736}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"TCP Query User{5F0AC951-1883-4836-8DEC-0BAA5F7354A5}c:\\kav\\kav7.0\\french\\setup.exe"= UDP:c:\kav\kav7.0\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"UDP Query User{E1AF09CE-3B55-4C96-8DBC-82E833C66F44}c:\\kav\\kav7.0\\french\\setup.exe"= TCP:c:\kav\kav7.0\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"TCP Query User{D0C07E36-261D-4CFA-87B6-9EC1C70E076C}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FD09AEDE-8F9F-4A70-879A-4DF04E788705}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F726E9C1-D1D8-456F-9AFC-977D73747C50}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{74C0C97D-F099-4D1C-BF9A-74DBDFA26271}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{7FB77E8A-01A7-45C3-97BD-D200BFB5AD14}c:\\program files\\cyanide\\[demo] pro cycling manager - season 2008\\pcmdemo.exe"= UDP:c:\program files\cyanide\[demo] pro cycling manager - season 2008\pcmdemo.exe:pcm
"UDP Query User{CC5FF14C-48FC-40F6-BB6C-A810F5F4F611}c:\\program files\\cyanide\\[demo] pro cycling manager - season 2008\\pcmdemo.exe"= TCP:c:\program files\cyanide\[demo] pro cycling manager - season 2008\pcmdemo.exe:pcm
"{E6A82CF9-E430-468A-A27C-59E5FD142565}"= UDP:23338:bit comet
"{EE3FB14F-EF03-4F2F-88E7-D0F8ECC62D72}"= TCP:23338:bit comet
"{F26197E5-4F67-49B6-8BBA-AFDB44899C60}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{A83297F5-94B4-4284-B103-F18DFC978F27}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{46D7C298-C535-4639-8951-17AB291F9904}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{02A32DAC-5F11-4C08-B38C-5F9CFECA724F}c:\\gtr2\\gtr2.exe"= UDP:c:\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"UDP Query User{8FD206B5-4F8C-47AF-9E8F-92855D3100E2}c:\\gtr2\\gtr2.exe"= TCP:c:\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"{FF2363CB-BF6B-4991-A4D4-51367E32735D}"= UDP:62441:emule
"{6E5CBA49-6498-4DEB-AF65-BF115710F625}"= TCP:62451:emule
"TCP Query User{86E83AD9-E46E-4055-B469-95794CCCB2E6}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{20A260CC-EA99-4599-8029-932C18C016BA}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{29863867-5C91-498E-BBE0-821063E14168}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{9091D461-6B3B-40D4-94FD-6CAF7EB74325}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{E1D531AD-9ADF-4EE8-9999-27E07468417D}c:\\users\\user\\appdata\\local\\temp\\rar$ex11.781\\emule hardstyle xs\\emule.exe"= UDP:c:\users\user\appdata\local\temp\rar$ex11.781\emule hardstyle xs\emule.exe:emule.exe
"UDP Query User{1BEF88A7-ABBA-423C-AE98-E0B5E3981A55}c:\\users\\user\\appdata\\local\\temp\\rar$ex11.781\\emule hardstyle xs\\emule.exe"= TCP:c:\users\user\appdata\local\temp\rar$ex11.781\emule hardstyle xs\emule.exe:emule.exe
"TCP Query User{4BB2FCBF-8AE5-4FD4-8B3D-4DEF7383B6F1}c:\\neo mule 4.55\\emule.exe"= UDP:c:\neo mule 4.55\emule.exe:eMule
"UDP Query User{164D8E3F-2359-4774-ADF3-52BDE0832A73}c:\\neo mule 4.55\\emule.exe"= TCP:c:\neo mule 4.55\emule.exe:eMule
"{7589FA87-6562-4C3C-B401-84F22045E88D}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{63B11798-0775-4BB7-B25A-3354F725C70F}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{012E6245-F58A-4E7C-9702-2056C7D0C9F6}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{8EC44073-B2E3-4089-AB38-E42EECD1A88B}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C7BD7376-27A4-4157-84F0-ACEA9052C93A}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{A6FEFF39-5146-43ED-989D-05F777DFBB82}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{1F5D2047-BDD6-458A-B823-BD0F7A68AEE5}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{F9080A73-6581-48F2-B71D-133849223F2C}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{09C23C43-5D8C-4A96-8A1B-C79EE09903CE}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{10FB6C93-091B-485B-911B-4355FB2799B3}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"TCP Query User{61765654-5BFA-439B-A8ED-9E238D518769}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1137AC97-8038-4715-A790-E08A592B63E6}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{CFC542F0-DCD7-4A84-A390-6530C1684441}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe:Pro Cycling Manager - Season 2008
"{7FBA0C33-E357-444E-89AF-8964DF2CC42A}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe:Pro Cycling Manager - Season 2008
"{1DE2965E-2A8D-43FA-AB32-774D7FEE113F}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2008 - AutoRun
"{7E162258-66E2-4D2A-A141-31365035B986}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2008 - AutoRun
"TCP Query User{AE378EDC-8F39-44DC-B64E-AD7DCC4732B9}c:\\program files\\dmv\\maxtv4\\maxtv.exe"= UDP:c:\program files\dmv\maxtv4\maxtv.exe:maxtv
"UDP Query User{4E7FA085-89CD-43F6-A2CA-C6FA6D5766AA}c:\\program files\\dmv\\maxtv4\\maxtv.exe"= TCP:c:\program files\dmv\maxtv4\maxtv.exe:maxtv
"TCP Query User{0DAF26DC-87A1-4A98-92C3-C2A2C9D64CCA}c:\\program files\\dmv\\maxtv4\\core\\maxtv_xul.exe"= UDP:c:\program files\dmv\maxtv4\core\maxtv_xul.exe:maxtv_xul
"UDP Query User{9198A96C-A57C-4AF2-9522-3A42D47B90E6}c:\\program files\\dmv\\maxtv4\\core\\maxtv_xul.exe"= TCP:c:\program files\dmv\maxtv4\core\maxtv_xul.exe:maxtv_xul
"{471B2E3B-6BB5-40BF-9C1E-316617255999}"= UDP:c:\users\User\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{8430482D-826F-41C5-BB5B-9D9181ECC6D8}"= TCP:c:\users\User\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"TCP Query User{51E4EF6F-85F2-41DD-8048-610B978E4594}c:\\users\\user\\desktop\\emule.exe"= UDP:c:\users\user\desktop\emule.exe:emule.exe
"UDP Query User{DA94BCA2-927C-4AB8-BC65-E2738F341088}c:\\users\\user\\desktop\\emule.exe"= TCP:c:\users\user\desktop\emule.exe:emule.exe
"TCP Query User{DD1237DB-F45C-4809-8AFA-0B900EF1ADD9}c:\\neo mule\\emule.exe"= UDP:c:\neo mule\emule.exe:eMule
"UDP Query User{38D341C6-5B01-4B36-9C79-E8FD995D4622}c:\\neo mule\\emule.exe"= TCP:c:\neo mule\emule.exe:eMule
"{FBF0AE2A-9EAA-45D4-8094-DB18A20F81F1}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EE8969A4-38CD-4879-B57B-F9F454F58568}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{260CD5FA-64AE-47C3-97E1-83365517BEC0}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A2359CD2-0070-4023-8E9F-C3628346B3CA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{764C2D4D-DC3E-4A8A-80A5-2648B3BBAEDB}"= UDP:6346:shareaza
"{26374E58-D0FF-4445-A52D-83E5630A5B20}"= TCP:6346:shareaza
"{F20C756E-9653-49FA-B90E-93F7C00153EF}"= UDP:6346:sahreaza
"{76664662-D8C1-4ACA-807D-2C44702F2F63}"= TCP:6346:shareaza
"TCP Query User{2EDDAC66-01FE-435D-BBFC-45D92BEE081C}c:\\program files\\cyanide\\pro cycling manager - season 2008\\pcm.exe"= UDP:c:\program files\cyanide\pro cycling manager - season 2008\pcm.exe:pcm
"UDP Query User{7E6CEE15-5344-48A1-9327-92FEAFAA8F8A}c:\\program files\\cyanide\\pro cycling manager - season 2008\\pcm.exe"= TCP:c:\program files\cyanide\pro cycling manager - season 2008\pcm.exe:pcm
"{EE43F3B3-9AEB-4E34-8771-B1C1D4AA4F0E}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{5840C2AD-98C0-4506-AC0B-F2E5B5575AD7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{1EDD1EF5-FF67-4A24-BC8A-22AC3E7AB9E4}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8C2811B4-0E63-4072-8C62-11611DF56F54}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{F25C0109-86AD-4CEE-AC58-E5CF59921E79}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{F058C4BB-69E2-4B84-BC97-9C664C83FDFA}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{EE704F2D-6ECC-4BA2-9691-22A114DA51DB}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{DFC6AB1D-4226-45A2-AB7D-D7CD8D9686B7}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{FAC298F4-8063-47FA-AEF7-D4A8245B17AF}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{39EE7C5D-08D2-40A3-846D-2F8FC044D968}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{79A2C805-9263-4898-8748-8EE541AFE3F8}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{BF2FE3CE-5DC0-4A51-9052-70C22E3260AB}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{98E6B4C6-7F27-444A-9B08-69E2D30C75EF}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{6C6D2105-6F95-475A-83A1-CB38AD9279B6}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{0C3A3119-849A-41B2-BAA6-E969CA25F154}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{C5C8064F-E6BE-4F68-A3DB-1B8252AE926C}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{B9242672-61DD-4E95-BDB2-0294DE6FCF41}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{E3AC075A-506D-4D19-A7E7-CCF46C77A3E1}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{BF8C96BF-9EBD-46FB-AF03-7A6C440CD187}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{EDAD98C7-46D9-4111-BA30-7606D1A9E388}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{CE213197-D421-4BE2-883C-63AB82FDEFAF}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F7108BC8-4923-4D59-95BC-1D60F063E633}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{BDD2A697-F98C-4672-9A5F-2244F8538684}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{CF45B7C1-72C4-453E-9BE5-B316D8424AF5}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{51932F7D-66F0-437B-B78E-DC9A28560B57}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{9538F85A-8114-4BCD-85BB-37AC19F11417}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [2008-09-18 3468904]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-11-17 3668480]
R4 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2008-07-22 21504]
R4 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2008-07-22 21504]
R4 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-03-28 208896]
R4 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;c:\windows\Installer\MSIF8F8.tmp [2008-11-04 189688]
S3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [2008-11-18 7808]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e2b4623-78b7-11dd-9ba4-001a6bad5509}]
\shell\AutoRun\command - g:\win32\autoplay.exe
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE: &T&élécharger &avec BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &T&élécharger tout avec BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &T&élécharger toute vidéo avec BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 11:19:15
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(756)
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(1336)
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\windows\System32\rundll32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Bioscrypt\VeriSoft\Bin\asghost.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\PnkBstrA.exe
c:\windows\System32\PnkBstrB.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLSched.exe
c:\windows\System32\conime.exe
c:\program files\Secunia\PSI\psi.exe
c:\windows\System32\rundll32.exe
c:\program files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
c:\program files\Mouse Driver\KMCONFIG.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-01-11 11:24:48 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-11 10:24:44

Avant-CF: 9.690.079.232 octets libres
Après-CF: 9,285,107,712 octets libres

359 --- E O F --- 2009-01-08 20:57:17
xeolutyl
Libellulien Junior

Posts: 185
Joined: 07 Nov 2008 14:44

Re: quick analysis of my PC please

Post by Falkra » 11 Jan 2009 11:51

:!: What follows is for your machine, and your machine only.
Above all, do not use it on another machine: dangerous.

  • Open Notepad. Check that "Word Wrap" is turned off in the "Format" menu. Copy and paste this into it:
killall::

folder::
c:\program files\AskBarDis

registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=-

Firefox::
FireFox -: Profile - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\
FireFox -: prefs.js: browser.search.selectedEngine

  • Save this as a text file named CFScript, on the desktop.
  • Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot.
  • Wait while the scan runs. The desktop will disappear several times: that is normal! Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents.
  • If the file does not open, it is located here > C:\ComboFix.txt

Then please add a new HijackThis report after that report.
Falkra
Admin libellules.ch

Posts: 25882
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1
Re: quick analysis of my PC please

Post by xeolutyl » 11 Jan 2009 12:49

OK, one small problem: Combo restarts just like the first time??? Is that normal?

Re: quick analysis of my PC please

Post by Falkra » 11 Jan 2009 14:03

ComboFix will do a complete pass again, but taking into account the file you drag onto its icon.

Re: quick analysis of my PC please

Post by xeolutyl » 11 Jan 2009 15:00

ComboFix 09-01-10.03 - User 2009-01-11 14:30:19.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2046.1098 [GMT 1:00]
Lancé depuis: c:\users\User\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\User\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-11 au 2009-01-11 ))))))))))))))))))))))))))))))))))))
.

2009-01-10 22:07 . 2009-01-11 10:16 <REP> d-------- c:\users\User\AppData\Roaming\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\users\All Users\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\programdata\Azureus
2009-01-10 22:07 . 2009-01-10 22:07 <REP> d-------- c:\program files\Vuze
2009-01-10 14:06 . 2009-01-10 14:06 <REP> d-------- c:\users\User\AppData\Roaming\SystemRequirementsLab
2009-01-07 16:58 . 2009-01-07 16:58 <REP> d-------- c:\program files\Super Internet TV
2009-01-05 22:08 . 2009-01-05 22:08 <REP> d-------- c:\program files\Encyclopédie Médicale Française
2009-01-05 22:08 . 1997-05-29 16:26 316,416 --a------ c:\windows\IsUn040c.exe
2009-01-03 14:21 . 2009-01-03 14:21 <REP> d-------- c:\program files\Ubisoft
2009-01-03 10:09 . 2009-01-03 10:09 <REP> dr-h----- c:\users\User\AppData\Roaming\SecuROM
2009-01-03 09:56 . 2008-05-30 14:19 507,400 --a------ c:\windows\System32\XAudio2_1.dll
2009-01-03 09:56 . 2009-01-03 09:56 107,888 --a------ c:\windows\System32\CmdLineExt.dll
2009-01-03 09:56 . 2008-05-30 14:17 65,032 --a------ c:\windows\System32\XAPOFX1_0.dll
2009-01-03 09:53 . 2009-01-03 14:33 2,250,024 --a------ c:\windows\System32\pbsvc.exe
2009-01-02 19:15 . 2009-01-02 19:17 <REP> d-------- c:\program files\VirtualDubMOD
2009-01-02 10:28 . 2009-01-02 10:28 <REP> d-------- c:\users\All Users\NVIDIA
2009-01-02 10:28 . 2009-01-02 10:28 <REP> d-------- c:\programdata\NVIDIA
2009-01-02 10:16 . 2009-01-10 14:06 27,744 --a------ c:\users\All Users\nvModes.dat
2009-01-02 10:16 . 2009-01-10 14:06 27,744 --a------ c:\programdata\nvModes.dat
2009-01-01 11:44 . 2009-01-01 11:51 <REP> d--h-c--- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR
2009-01-01 08:36 . 2009-01-01 08:36 <REP> d-------- c:\program files\Happyneuron
2009-01-01 08:31 . 2009-01-01 08:31 <REP> d-------- c:\users\All Users\BVRP Software
2009-01-01 08:31 . 2009-01-01 08:31 <REP> d-------- c:\programdata\BVRP Software
2008-12-31 09:06 . 2008-12-31 09:06 <REP> d-------- c:\program files\Bonjour
2008-12-29 07:39 . 2008-12-29 07:39 <REP> d-------- c:\program files\uTorrent
2008-12-20 15:39 . 2008-12-20 18:53 <REP> d-------- c:\program files\Sudoku
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\users\All Users\Avira
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\programdata\Avira
2008-12-20 10:49 . 2008-12-20 10:49 <REP> d-------- c:\program files\Avira
2008-12-19 18:56 . 2008-12-19 18:56 2,560 --a------ c:\windows\_MSRSTRT.EXE
2008-12-18 10:14 . 2008-12-18 10:14 <REP> d-------- c:\users\User\AppData\Roaming\Thunderbird
2008-12-18 10:14 . 2008-12-18 10:14 0 --a------ c:\windows\nsreg.dat
2008-12-18 10:13 . 2008-12-18 10:14 <REP> d-------- c:\program files\Mozilla Thunderbird 3 Beta 1
2008-12-15 10:48 . 2008-12-15 10:47 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-15 09:50 . 2008-12-15 09:50 <REP> d-------- c:\program files\Secunia
2008-12-12 23:36 . 2008-12-19 18:56 <REP> d-------- c:\users\All Users\SpeedBit
2008-12-12 23:36 . 2008-12-19 18:56 <REP> d-------- c:\programdata\SpeedBit
2008-12-12 23:36 . 2008-12-19 18:59 <REP> d-------- c:\program files\DAP
2008-12-12 17:11 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-12 13:28 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2008-12-12 13:28 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\System32\dns-sd.exe
2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\System32\dnssd.dll
2008-12-11 18:43 . 2008-12-11 18:43 <REP> d----c--- c:\windows\System32\DRVSTORE
2008-12-11 18:43 . 2008-12-11 18:43 <REP> d-------- c:\users\User\AppData\Roaming\Apple Computer
2008-12-11 18:43 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2008-12-11 18:43 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-11 18:42 . 2008-12-11 18:43 <REP> d-------- c:\program files\iTunes
2008-12-11 18:42 . 2008-12-11 18:42 <REP> d-------- c:\program files\iPod
2008-12-11 18:41 . 2008-12-11 18:42 <REP> d-------- c:\users\All Users\Apple Computer
2008-12-11 18:41 . 2008-12-11 18:42 <REP> d-------- c:\programdata\Apple Computer
2008-12-11 18:41 . 2008-12-11 18:41 <REP> d-------- c:\program files\QuickTime
2008-12-11 18:40 . 2008-12-11 18:40 <REP> d-------- c:\program files\Apple Software Update
2008-12-11 18:39 . 2008-12-11 18:39 <REP> d-------- c:\users\All Users\Apple
2008-12-11 18:39 . 2008-12-11 18:39 <REP> d-------- c:\programdata\Apple
2008-12-11 18:39 . 2008-12-11 18:42 <REP> d-------- c:\program files\Common Files\Apple

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 09:02 --------- d-----w c:\users\User\AppData\Roaming\uTorrent
2009-01-08 15:01 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-07 16:13 --------- d---a-w c:\programdata\TEMP
2009-01-05 21:08 --------- d-----w c:\program files\Encyclopédie Médicale Française
2009-01-04 17:38 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-04 17:38 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-03 13:34 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-03 13:34 22,328 ----a-w c:\users\User\AppData\Roaming\PnkBstrK.sys
2009-01-03 13:33 107,832 ----a-w c:\windows\System32\PnkBstrB.exe
2009-01-03 13:21 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-31 23:39 27,240 ----a-w c:\users\User\AppData\Roaming\nvModes.dat
2008-12-29 21:43 --------- d-----w c:\users\User\AppData\Roaming\Pro Cycling Manager 2008
2008-12-18 22:03 --------- d-----w c:\users\User\AppData\Roaming\SolidDocuments
2008-12-18 22:01 --------- d-----w c:\users\User\AppData\Roaming\Image Zone Express
2008-12-15 09:47 --------- d-----w c:\program files\Java
2008-12-12 16:29 --------- d-----w c:\program files\Windows Mail
2008-12-12 16:16 --------- d-----w c:\programdata\Microsoft Help
2008-12-04 15:35 --------- d-----w c:\program files\Common Files\HP
2008-12-04 15:34 --------- d-----w c:\program files\HP
2008-12-04 15:04 --------- d-----w c:\users\User\AppData\Roaming\Printer Info Cache
2008-12-01 10:24 --------- d-----w c:\program files\BitComet
2008-12-01 09:48 --------- d-----w c:\programdata\eMule
2008-12-01 09:40 --------- d-----w c:\program files\OpenOffice.org 3
2008-11-30 18:59 --------- d-----w c:\programdata\79a7c93
2008-11-20 18:52 --------- d-----w c:\programdata\Roxio
2008-11-18 13:36 7,808 ----a-w c:\windows\system32\drivers\psi_mf.sys
2008-11-17 15:29 --------- d-----w c:\programdata\Yahoo!
2008-11-17 15:27 --------- d-----w c:\program files\Yahoo!
2008-11-17 14:40 3,668,480 ----a-w c:\windows\system32\drivers\NETw5v32.sys
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
2008-07-22 22:40 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((( snapshot@2009-01-11_11.23.08.80 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-11 10:19:10 155,648 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-01-11 13:42:54 155,648 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-01-11 10:19:10 151,552 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-01-11 13:42:54 151,552 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-01-11 09:38:56 11,376 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2890952810-2710814870-269491509-1000_UserData.bin
+ 2009-01-11 11:03:23 11,670 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2890952810-2710814870-269491509-1000_UserData.bin
- 2009-01-11 09:38:56 88,230 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-01-11 11:03:23 88,584 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-01-11 09:38:55 56,342 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-01-11 11:03:21 56,342 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2008-11-12 2511672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"WireLessMouse"="c:\program files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe" [2007-03-06 212992]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4D299392-1501-489F-B8A4-BE2390105666}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{2B8086C9-DF45-436B-84F9-CA6304A21ED3}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{5343604F-01F3-4759-9F6F-E9F1D1A5C736}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"TCP Query User{5F0AC951-1883-4836-8DEC-0BAA5F7354A5}c:\\kav\\kav7.0\\french\\setup.exe"= UDP:c:\kav\kav7.0\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"UDP Query User{E1AF09CE-3B55-4C96-8DBC-82E833C66F44}c:\\kav\\kav7.0\\french\\setup.exe"= TCP:c:\kav\kav7.0\french\setup.exe:Programme d'installation de Kaspersky Anti-Virus 7.0
"TCP Query User{D0C07E36-261D-4CFA-87B6-9EC1C70E076C}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FD09AEDE-8F9F-4A70-879A-4DF04E788705}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F726E9C1-D1D8-456F-9AFC-977D73747C50}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{74C0C97D-F099-4D1C-BF9A-74DBDFA26271}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{7FB77E8A-01A7-45C3-97BD-D200BFB5AD14}c:\\program files\\cyanide\\[demo] pro cycling manager - season 2008\\pcmdemo.exe"= UDP:c:\program files\cyanide\[demo] pro cycling manager - season 2008\pcmdemo.exe:pcm
"UDP Query User{CC5FF14C-48FC-40F6-BB6C-A810F5F4F611}c:\\program files\\cyanide\\[demo] pro cycling manager - season 2008\\pcmdemo.exe"= TCP:c:\program files\cyanide\[demo] pro cycling manager - season 2008\pcmdemo.exe:pcm
"{E6A82CF9-E430-468A-A27C-59E5FD142565}"= UDP:23338:bit comet
"{EE3FB14F-EF03-4F2F-88E7-D0F8ECC62D72}"= TCP:23338:bit comet
"{F26197E5-4F67-49B6-8BBA-AFDB44899C60}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{A83297F5-94B4-4284-B103-F18DFC978F27}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{46D7C298-C535-4639-8951-17AB291F9904}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{02A32DAC-5F11-4C08-B38C-5F9CFECA724F}c:\\gtr2\\gtr2.exe"= UDP:c:\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"UDP Query User{8FD206B5-4F8C-47AF-9E8F-92855D3100E2}c:\\gtr2\\gtr2.exe"= TCP:c:\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"{FF2363CB-BF6B-4991-A4D4-51367E32735D}"= UDP:62441:emule
"{6E5CBA49-6498-4DEB-AF65-BF115710F625}"= TCP:62451:emule
"TCP Query User{86E83AD9-E46E-4055-B469-95794CCCB2E6}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{20A260CC-EA99-4599-8029-932C18C016BA}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{29863867-5C91-498E-BBE0-821063E14168}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{9091D461-6B3B-40D4-94FD-6CAF7EB74325}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{E1D531AD-9ADF-4EE8-9999-27E07468417D}c:\\users\\user\\appdata\\local\\temp\\rar$ex11.781\\emule hardstyle xs\\emule.exe"= UDP:c:\users\user\appdata\local\temp\rar$ex11.781\emule hardstyle xs\emule.exe:emule.exe
"UDP Query User{1BEF88A7-ABBA-423C-AE98-E0B5E3981A55}c:\\users\\user\\appdata\\local\\temp\\rar$ex11.781\\emule hardstyle xs\\emule.exe"= TCP:c:\users\user\appdata\local\temp\rar$ex11.781\emule hardstyle xs\emule.exe:emule.exe
"TCP Query User{4BB2FCBF-8AE5-4FD4-8B3D-4DEF7383B6F1}c:\\neo mule 4.55\\emule.exe"= UDP:c:\neo mule 4.55\emule.exe:eMule
"UDP Query User{164D8E3F-2359-4774-ADF3-52BDE0832A73}c:\\neo mule 4.55\\emule.exe"= TCP:c:\neo mule 4.55\emule.exe:eMule
"{7589FA87-6562-4C3C-B401-84F22045E88D}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{63B11798-0775-4BB7-B25A-3354F725C70F}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{012E6245-F58A-4E7C-9702-2056C7D0C9F6}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{8EC44073-B2E3-4089-AB38-E42EECD1A88B}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C7BD7376-27A4-4157-84F0-ACEA9052C93A}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{A6FEFF39-5146-43ED-989D-05F777DFBB82}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{1F5D2047-BDD6-458A-B823-BD0F7A68AEE5}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{F9080A73-6581-48F2-B71D-133849223F2C}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{09C23C43-5D8C-4A96-8A1B-C79EE09903CE}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{10FB6C93-091B-485B-911B-4355FB2799B3}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"TCP Query User{61765654-5BFA-439B-A8ED-9E238D518769}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1137AC97-8038-4715-A790-E08A592B63E6}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{CFC542F0-DCD7-4A84-A390-6530C1684441}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe:Pro Cycling Manager - Season 2008
"{7FBA0C33-E357-444E-89AF-8964DF2CC42A}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe:Pro Cycling Manager - Season 2008
"{1DE2965E-2A8D-43FA-AB32-774D7FEE113F}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2008 - AutoRun
"{7E162258-66E2-4D2A-A141-31365035B986}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2008 - AutoRun
"TCP Query User{AE378EDC-8F39-44DC-B64E-AD7DCC4732B9}c:\\program files\\dmv\\maxtv4\\maxtv.exe"= UDP:c:\program files\dmv\maxtv4\maxtv.exe:maxtv
"UDP Query User{4E7FA085-89CD-43F6-A2CA-C6FA6D5766AA}c:\\program files\\dmv\\maxtv4\\maxtv.exe"= TCP:c:\program files\dmv\maxtv4\maxtv.exe:maxtv
"TCP Query User{0DAF26DC-87A1-4A98-92C3-C2A2C9D64CCA}c:\\program files\\dmv\\maxtv4\\core\\maxtv_xul.exe"= UDP:c:\program files\dmv\maxtv4\core\maxtv_xul.exe:maxtv_xul
"UDP Query User{9198A96C-A57C-4AF2-9522-3A42D47B90E6}c:\\program files\\dmv\\maxtv4\\core\\maxtv_xul.exe"= TCP:c:\program files\dmv\maxtv4\core\maxtv_xul.exe:maxtv_xul
"{471B2E3B-6BB5-40BF-9C1E-316617255999}"= UDP:c:\users\User\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{8430482D-826F-41C5-BB5B-9D9181ECC6D8}"= TCP:c:\users\User\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"TCP Query User{51E4EF6F-85F2-41DD-8048-610B978E4594}c:\\users\\user\\desktop\\emule.exe"= UDP:c:\users\user\desktop\emule.exe:emule.exe
"UDP Query User{DA94BCA2-927C-4AB8-BC65-E2738F341088}c:\\users\\user\\desktop\\emule.exe"= TCP:c:\users\user\desktop\emule.exe:emule.exe
"TCP Query User{DD1237DB-F45C-4809-8AFA-0B900EF1ADD9}c:\\neo mule\\emule.exe"= UDP:c:\neo mule\emule.exe:eMule
"UDP Query User{38D341C6-5B01-4B36-9C79-E8FD995D4622}c:\\neo mule\\emule.exe"= TCP:c:\neo mule\emule.exe:eMule
"{FBF0AE2A-9EAA-45D4-8094-DB18A20F81F1}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EE8969A4-38CD-4879-B57B-F9F454F58568}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{260CD5FA-64AE-47C3-97E1-83365517BEC0}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A2359CD2-0070-4023-8E9F-C3628346B3CA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{764C2D4D-DC3E-4A8A-80A5-2648B3BBAEDB}"= UDP:6346:shareaza
"{26374E58-D0FF-4445-A52D-83E5630A5B20}"= TCP:6346:shareaza
"{F20C756E-9653-49FA-B90E-93F7C00153EF}"= UDP:6346:sahreaza
"{76664662-D8C1-4ACA-807D-2C44702F2F63}"= TCP:6346:shareaza
"TCP Query User{2EDDAC66-01FE-435D-BBFC-45D92BEE081C}c:\\program files\\cyanide\\pro cycling manager - season 2008\\pcm.exe"= UDP:c:\program files\cyanide\pro cycling manager - season 2008\pcm.exe:pcm
"UDP Query User{7E6CEE15-5344-48A1-9327-92FEAFAA8F8A}c:\\program files\\cyanide\\pro cycling manager - season 2008\\pcm.exe"= TCP:c:\program files\cyanide\pro cycling manager - season 2008\pcm.exe:pcm
"{EE43F3B3-9AEB-4E34-8771-B1C1D4AA4F0E}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{5840C2AD-98C0-4506-AC0B-F2E5B5575AD7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{1EDD1EF5-FF67-4A24-BC8A-22AC3E7AB9E4}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8C2811B4-0E63-4072-8C62-11611DF56F54}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{F25C0109-86AD-4CEE-AC58-E5CF59921E79}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{F058C4BB-69E2-4B84-BC97-9C664C83FDFA}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{EE704F2D-6ECC-4BA2-9691-22A114DA51DB}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{DFC6AB1D-4226-45A2-AB7D-D7CD8D9686B7}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{FAC298F4-8063-47FA-AEF7-D4A8245B17AF}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{39EE7C5D-08D2-40A3-846D-2F8FC044D968}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{79A2C805-9263-4898-8748-8EE541AFE3F8}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{BF2FE3CE-5DC0-4A51-9052-70C22E3260AB}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{98E6B4C6-7F27-444A-9B08-69E2D30C75EF}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{6C6D2105-6F95-475A-83A1-CB38AD9279B6}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{0C3A3119-849A-41B2-BAA6-E969CA25F154}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{C5C8064F-E6BE-4F68-A3DB-1B8252AE926C}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{B9242672-61DD-4E95-BDB2-0294DE6FCF41}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{E3AC075A-506D-4D19-A7E7-CCF46C77A3E1}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{BF8C96BF-9EBD-46FB-AF03-7A6C440CD187}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{EDAD98C7-46D9-4111-BA30-7606D1A9E388}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{CE213197-D421-4BE2-883C-63AB82FDEFAF}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F7108BC8-4923-4D59-95BC-1D60F063E633}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{BDD2A697-F98C-4672-9A5F-2244F8538684}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{CF45B7C1-72C4-453E-9BE5-B316D8424AF5}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{51932F7D-66F0-437B-B78E-DC9A28560B57}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{9538F85A-8114-4BCD-85BB-37AC19F11417}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [2008-09-18 3468904]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-11-17 3668480]
R3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [2008-11-18 7808]
R4 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2008-07-22 21504]
R4 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2008-07-22 21504]
R4 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-03-28 208896]
R4 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;c:\windows\Installer\MSIF8F8.tmp [2008-11-04 189688]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e2b4623-78b7-11dd-9ba4-001a6bad5509}]
\shell\AutoRun\command - g:\win32\autoplay.exe
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE: &T&élécharger &avec BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &T&élécharger tout avec BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &T&élécharger toute vidéo avec BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\papi4hhr.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 14:42:57
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(752)
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(5400)
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Bioscrypt\VeriSoft\Bin\asghost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\PnkBstrA.exe
c:\windows\System32\PnkBstrB.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\System32\iashost.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLSched.exe
c:\program files\Secunia\PSI\psi.exe
c:\windows\System32\conime.exe
c:\program files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
c:\windows\System32\rundll32.exe
c:\program files\Mouse Driver\KMCONFIG.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-01-11 14:48:17 - La machine a redémarré [User]
ComboFix-quarantined-files.txt 2009-01-11 13:48:14
ComboFix2.txt 2009-01-11 10:24:49

Avant-CF: 7.713.243.136 octets libres
Après-CF: 7,062,859,776 octets libres

357 --- E O F --- 2009-01-08 20:57:17
xeolutyl
Libellulien Junior

Posts: 185
Joined: 07 Nov 2008 14:44

Re: quick analysis of my PC please

Post by xeolutyl » 11 Jan 2009 15:04

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:40, on 11/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Windows\system32\conime.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSIF8F8.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9351 bytes

Re: quick analysis of my PC please

Post by Falkra » 11 Jan 2009 15:11

That did the job. Is it better?
Falkra
Admin libellules.ch

Posts: 25882
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1

Re: quick analysis of my PC please

Post by xeolutyl » 11 Jan 2009 15:20

yes, it's better, a big thank you Falkra :supers:

Re: quick analysis of my PC please

Post by Falkra » 11 Jan 2009 15:22

Uninstall ComboFix: type combofix /u in the Run box of the Start menu.
After that, delete this folder if it still exists:
C:\QooBox


Make sure to keep your system and software up to date to avoid vulnerabilities.
Secunia's PSI can help you with that: https://psi.secunia.com/
JavaRa can help you with that for Java: http://raproducts.org/
You can protect your browsing with Firefox and secure it:
http://www.libellules.ch/securiser_firefox_1.php

Here is a bit of reading, a compilation of tips for avoiding reinfection and securing the machine.

A quick note on the risks of P2P in terms of software security (by Ogu):
Image (click on the image).

More information in the site's security FAQ.

Don't hesitate to ask questions; this part is as important as the disinfection.

You can mark the topic as resolved in the title (when you edit the first post, the title becomes editable).

Re: quick analysis of my PC please

Post by xeolutyl » 29 Jan 2009 22:03

Good evening Falkra,

So I'm posting a log again, because my PC has been annoying me lately. Let me explain: it is slow in Mozilla; when I'm on MSN and someone signs in and the window closes, it happens in slow motion; and noise-wise it behaves as if there were a CD in it, although there is nothing in it.

I don't know what's wrong with it; maybe it's running too much, or an infection. I'd just like to be sure, hehe ---> asking a specialist in the matter.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03:22, on 29/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.turkojan.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSIF8F8.tmp
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9928 bytes

Re: quick analysis of my PC please

Post by Falkra » 29 Jan 2009 22:05

Your report doesn't show anything abnormal, in any case.

Re: quick analysis of my PC please

Post by xeolutyl » 29 Jan 2009 22:10

OK, a bit of overheating then???

Re: quick analysis of my PC please

Post by Falkra » 29 Jan 2009 22:15

Possible, but rarer.

Everest will tell you about the temperatures, take a look:
http://www.lavalys.com/

Re: quick analysis of my PC please

Post by xeolutyl » 17 May 2009 21:24

Good evening Falkra, the follow-up to this post is timely, because after the blue screen, 2 months later a black screen: the LCD card, or I'm not too sure what they told me at the shop, was dead ...

Now I've got my PC back, so I'm posting again, because I might as well keep up good habits... and since it's well done, all the more reason:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:40, on 17/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Trust\Trust R-series Mouse And Keyboard\MouseDrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SndVol.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe
O8 - Extra context menu item: &T&élécharger &avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &T&élécharger tout avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &T&élécharger toute vidéo avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10289 bytes

Re: quick analysis of my PC please

Post by Falkra » 17 May 2009 22:27

Well, well.

The report is OK in any case, and shows no active infection.

Re: quick analysis of my PC please

Post by xeolutyl » 18 May 2009 15:54

ok thanks

But my internet connection is very slow, even too slow, for example when opening a page or watching a video.

Could it come from invisible malicious tools??? Or is my ISP quota used up, but how can I check that? I'm with euphonynet.

Re: quick analysis of my PC please

Post by Falkra » 18 May 2009 16:27

Have a look here, especially the internet part, and tell me how it goes:
http://www.libellules.ch/tuto_pc_rame.php

Re: quick analysis of my PC please

Post by xeolutyl » 18 May 2009 17:23

no, still just as slow

But if someone at home has been downloading, is it possible that the download quota has already been used up and that this slows everything down??