Infected PC
My PC is slow and Avast finds a virus and a trojan on it.
I ran an online scan with Kaspersky; it is in progress.
Can you help me?
I read in a discussion that the person had the same problem as me, and I too have an INTEL folder in Program Files.
Kaspersky report
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, May 20, 2008 4:20:46 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 20/05/2008
Kaspersky Anti-Virus database records: 787903
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
T:\
Z:\
Scan Statistics:
Total number of scanned objects: 80190
Number of viruses found: 6
Number of infected objects: 19
Number of suspicious objects: 0
Duration of the scan process: 02:35:41
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\791576950ebfab18ffae65fe78f04804_317f7cfe-190a-4e83-b1c9-595527d33e6e Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Application Data\QSPMShare Object is locked skipped
C:\Documents and Settings\lionel 2\Application Data\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt Object is locked skipped
C:\Documents and Settings\lionel 2\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Historique\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Historique\History.IE5\MSHist012008052020080521\index.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\iecCBE.tmp Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\JET3BBA.tmp Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\UNDB595A.ac$ Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\UNDO.ac$ Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\~DFF93D.tmp Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temp\~effc28\~efe2.tmp Object is locked skipped
C:\Documents and Settings\lionel 2\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\lionel 2\Mes documents\08 04 32 128\Documents graphiques\Vic Zonage indice C.dwg Object is locked skipped
C:\Documents and Settings\lionel 2\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\lionel 2\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\RealVNC\VNC4\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP1\change.log Object is locked skipped
C:\Temp\nEzts0230.exe/data0002 Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Temp\nEzts0230.exe/data0003 Infected: Trojan-Downloader.Win32.Small.vrq skipped
C:\Temp\nEzts0230.exe/data0004 Infected: not-a-virus:AdWare.Win32.ZenoSearch.bg skipped
C:\Temp\nEzts0230.exe/data0005/stream/data0007/stream/Script Infected: Trojan.NSIS.StartPage.c skipped
C:\Temp\nEzts0230.exe/data0005/stream/data0007/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\Temp\nEzts0230.exe/data0005/stream/data0007 Infected: Trojan.NSIS.StartPage.c skipped
C:\Temp\nEzts0230.exe/data0005/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\Temp\nEzts0230.exe/data0005 Infected: Trojan.NSIS.StartPage.c skipped
C:\Temp\nEzts0230.exe NSIS: infected - 8 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Antivirus.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\emL1\roEbdll2.exe/stream/data0007/stream/Script Infected: Trojan.NSIS.StartPage.c skipped
C:\WINDOWS\SYSTEM32\emL1\roEbdll2.exe/stream/data0007/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\WINDOWS\SYSTEM32\emL1\roEbdll2.exe/stream/data0007 Infected: Trojan.NSIS.StartPage.c skipped
C:\WINDOWS\SYSTEM32\emL1\roEbdll2.exe/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\WINDOWS\SYSTEM32\emL1\roEbdll2.exe NSIS: infected - 4 skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\SYSTEM32\logXv01\logXv011065.exe Infected: Trojan-Downloader.Win32.VB.enh skipped
C:\WINDOWS\SYSTEM32\SPOOL\PRINTERS\FP00000.SHD Object is locked skipped
C:\WINDOWS\SYSTEM32\SPOOL\PRINTERS\FP00000.SPL Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_778.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan was interrupted by user!
HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:01:32, on 20/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\lionel 2\Mes documents\HIJACKTHIS\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {5F664B78-B4FE-49C7-8EDC-3565EEEB1E42} - C:\WINDOWS\system32\jkkICtsQ.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {F9DF827A-8FA7-48A3-B268-CA4DB563EA40} - C:\WINDOWS\system32\hgGyyvss.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Gsp] C:\Program Files\MagicIp\Gsp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [BMa77f4114] Rundll32.exe "C:\WINDOWS\system32\thrqnojg.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6693F7C-5020-48C7-BABC-1381D3193747}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFFEC35F-A49F-4B0D-BD6E-367097B04C1F}: NameServer = 80.10.246.2,193.252.19.4
O20 - Winlogon Notify: hgGyyvss - C:\WINDOWS\SYSTEM32\hgGyyvss.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 10300 bytes
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Gsp] C:\Program Files\MagicIp\Gsp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [BMa77f4114] Rundll32.exe "C:\WINDOWS\system32\thrqnojg.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6693F7C-5020-48C7-BABC-1381D3193747}: NameServer = 193.252.19.3,193.252.19.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFFEC35F-A49F-4B0D-BD6E-367097B04C1F}: NameServer = 80.10.246.2,193.252.19.4
O20 - Winlogon Notify: hgGyyvss - C:\WINDOWS\SYSTEM32\hgGyyvss.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 10300 bytes
ComboFix report
ComboFix 08-05-19.4 - lionel 2 2008-05-20 16:42:17.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.189 [GMT 1:00]
Endroit: C:\Documents and Settings\lionel 2\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\AntiSpywareMaster
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\dksixrbo.ini
C:\WINDOWS\SYSTEM32\ifnracvs.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\SYSTEM32\QstCIkkj.ini
C:\WINDOWS\SYSTEM32\QstCIkkj.ini2
.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-20 to 2008-05-20 ))))))))))))))))))))))))))))))))))))
.
2008-05-20 13:21 . 2008-05-20 13:21 <REP> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-05-20 13:21 . 2008-05-20 13:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-19 16:41 . 2008-05-19 16:41 109,807 --a------ C:\WINDOWS\BMa77f4114.xml
2008-05-19 15:08 . 2008-05-19 15:08 <REP> d-------- C:\WINDOWS\report
2008-05-19 15:07 . 2008-05-19 15:06 35,947,425 --a------ C:\WINDOWS\LPT$VPN.283
2008-05-19 15:06 . 2008-05-19 15:06 <REP> d-------- C:\WINDOWS\AU_Backup
2008-05-19 15:06 . 2008-05-19 15:06 1,952,563 --a------ C:\WINDOWS\tsc.ptn
2008-05-19 15:06 . 2008-05-19 15:06 1,213,784 --a------ C:\WINDOWS\vsapi32.dll
2008-05-19 15:06 . 2008-05-19 15:06 333,576 --a------ C:\WINDOWS\TSC.exe
2008-05-19 15:06 . 2008-05-19 15:06 91,744 --a------ C:\WINDOWS\BPMNT.dll
2008-05-19 15:06 . 2008-05-19 15:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-05-19 15:06 . 2008-05-19 15:08 823 --a------ C:\WINDOWS\tsc.ini
2008-05-19 15:05 . 2008-05-19 15:06 35,947,425 --a------ C:\WINDOWS\VPTNFILE.283
2008-05-19 14:55 . 2008-05-19 15:06 <REP> d-------- C:\WINDOWS\AU_Temp
2008-05-19 14:55 . 2008-05-19 14:55 <REP> d-------- C:\WINDOWS\AU_Log
2008-05-19 14:55 . 2008-05-19 14:55 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-05-19 14:55 . 2008-05-19 14:55 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-05-19 14:55 . 2008-05-19 14:55 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-05-19 14:55 . 2008-05-19 14:55 170 --a------ C:\WINDOWS\GetServer.ini
2008-05-19 10:38 . 2008-05-19 10:38 52,736 --a------ C:\WINDOWS\SYSTEM32\tuvWnmlj.dll
2008-05-19 10:36 . 2008-05-19 10:36 <REP> d-------- C:\WINDOWS\SYSTEM32\3056v
2008-05-19 10:36 . 2008-05-19 10:37 <REP> d-------- C:\Program Files\winvi
2008-05-19 10:35 . 2008-05-19 10:36 <REP> d-------- C:\WINDOWS\SYSTEM32\rDA
2008-05-19 10:35 . 2008-05-20 16:23 <REP> d-------- C:\Temp
2008-05-19 10:35 . 2008-05-19 10:35 52,736 --a------ C:\WINDOWS\SYSTEM32\hgGyyvss.dll
2008-05-15 11:19 . 2008-05-15 11:19 <REP> d-------- C:\Program Files\Picasa2
2008-05-05 14:03 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\NdisIP.sys
2008-05-05 14:03 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\ndisip.sys
2008-05-05 14:03 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.sys
2008-05-05 14:03 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\mstee.sys
2008-05-05 14:01 . 2004-08-04 00:55 91,648 --a------ C:\WINDOWS\SYSTEM32\kswdmcap.ax
2008-05-05 14:01 . 2004-08-04 00:55 91,648 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\kswdmcap.ax
2008-05-05 14:01 . 2004-08-04 00:55 61,952 --a------ C:\WINDOWS\SYSTEM32\kstvtune.ax
2008-05-05 14:01 . 2004-08-04 00:55 61,952 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\kstvtune.ax
2008-05-05 14:01 . 2004-08-04 00:54 54,784 --a------ C:\WINDOWS\SYSTEM32\vfwwdm32.dll
2008-05-05 14:01 . 2004-08-04 00:54 54,784 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\vfwwdm32.dll
2008-05-05 14:01 . 2004-08-04 00:55 43,008 --a------ C:\WINDOWS\SYSTEM32\ksxbar.ax
2008-05-05 14:01 . 2004-08-04 00:55 43,008 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\ksxbar.ax
2008-05-05 14:01 . 2004-08-04 00:55 28,672 --a------ C:\WINDOWS\SYSTEM32\vidcap.ax
2008-05-05 14:01 . 2004-08-04 00:55 28,672 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\vidcap.ax
2008-05-05 14:00 . 2008-05-05 14:00 <REP> d-------- C:\Program Files\Fichiers communs\snpstd3
2008-05-05 14:00 . 2006-09-26 13:46 10,218,624 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\snpstd3.sys
2008-05-05 14:00 . 2006-09-19 09:07 827,392 --a------ C:\WINDOWS\vsnpstd3.exe
2008-05-05 14:00 . 2006-09-26 09:13 270,336 --a------ C:\WINDOWS\tsnpstd3.exe
2008-05-05 14:00 . 2006-04-12 12:11 147,456 --a------ C:\WINDOWS\SYSTEM32\rsnpstd3.dll
2008-05-05 14:00 . 2006-12-05 14:18 94,208 --a------ C:\WINDOWS\amcap.exe
2008-05-05 14:00 . 2006-05-26 15:40 61,440 --a------ C:\WINDOWS\SYSTEM32\vsnpstd3.dll
2008-05-05 14:00 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\SYSTEM32\csnpstd3.dll
2008-05-05 14:00 . 2006-12-05 14:18 20,480 --a------ C:\WINDOWS\CameraFixer.exe
2008-05-05 14:00 . 2004-02-27 17:36 15,498 --a------ C:\WINDOWS\snpstd3.ini
2008-05-05 14:00 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\snpstd3.src
2008-04-23 07:06 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2008-04-23 07:06 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\SYSTEM32\muweb.dll
2008-04-23 07:06 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll.mui
2008-04-22 11:11 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\SYSTEM32\d3dx9_32.dll
2008-04-22 11:07 . 2008-04-22 11:07 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-22 11:07 . 2008-04-28 11:40 <REP> d-------- C:\Documents and Settings\lionel 2\Contacts
2008-04-22 10:48 . 2008-04-23 18:10 <REP> d-------- C:\Program Files\Windows Live
2008-04-22 10:48 . 2008-04-22 10:59 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-22 10:48 . 2008-04-22 10:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-21 16:09 . 2008-03-01 13:58 6,066,176 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2008-04-21 16:09 . 2007-04-17 10:32 2,455,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dat
2008-04-21 16:09 . 2007-03-08 06:10 1,048,576 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll.mui
2008-04-21 16:09 . 2008-03-01 13:58 459,264 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2008-04-21 16:09 . 2008-03-01 13:58 383,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2008-04-21 16:09 . 2008-03-01 13:58 267,776 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2008-04-21 16:09 . 2008-03-01 13:58 63,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2008-04-21 16:09 . 2008-03-01 13:58 52,224 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2008-04-21 16:09 . 2008-02-22 11:00 13,824 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2008-04-21 10:04 . 2008-04-22 08:01 <REP> d-------- C:\WINDOWS\SYSTEM32\fr-fr
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-19 10:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-19 10:39 --------- d-----w C:\Program Files\Google
2008-05-19 10:38 --------- d-----w C:\Program Files\denouvel
2008-05-19 10:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-14 09:47 --------- d-----w C:\Program Files\Autodesk Map 2004
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\SYSTEM32\mswstr10.dll
2008-03-25 04:51 621,344 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\SYSTEM32\msjint40.dll
2008-03-25 04:51 194,144 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\win32k.sys
2008-03-01 17:28 3,591,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\SYSTEM32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\SYSTEM32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll
1997-07-21 18:30 1,045,776 --sha-w C:\WINDOWS\SYSTEM32\Msjet35.dll
1997-06-23 02:00 123,664 --sha-w C:\WINDOWS\SYSTEM32\Msjint35.dll
1997-06-23 11:06 24,848 --sha-w C:\WINDOWS\SYSTEM32\Msjter35.dll
1997-06-23 11:06 252,176 --sha-w C:\WINDOWS\SYSTEM32\Msrd2x35.dll
1997-06-23 11:06 287,504 --sha-w C:\WINDOWS\SYSTEM32\Msxbse35.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F664B78-B4FE-49C7-8EDC-3565EEEB1E42}]
C:\WINDOWS\system32\jkkICtsQ.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9DF827A-8FA7-48A3-B268-CA4DB563EA40}]
2008-05-19 10:35 52736 --a------ C:\WINDOWS\system32\hgGyyvss.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"WinUpdater"="C:\Program Files\winvi\update.exe" [ ]
"WebSUpdater"="C:\Program Files\winvi\wupda.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-09-13 12:33 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 18:48 32881]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-10-06 22:10 344064]
"PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-05-28 18:32 86016]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2004-09-27 12:52 610304]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 12:43 53248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-22 18:16 98304]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-08-13 02:05 122939]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2004-09-15 02:01 86016]
"Gsp"="C:\Program Files\MagicIp\Gsp.exe" [2004-09-15 00:20 623616]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 00:19 79224]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [ ]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-03-30 13:24 185896]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2006-12-05 14:18 20480]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2006-09-26 09:13 270336]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 09:07 827392]
"BMa77f4114"="C:\WINDOWS\system32\thrqnojg.dll" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F9DF827A-8FA7-48A3-B268-CA4DB563EA40}"= C:\WINDOWS\system32\hgGyyvss.dll [2008-05-19 10:35 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGyyvss]
hgGyyvss.dll 2008-05-19 10:35 52736 C:\WINDOWS\SYSTEM32\hgGyyvss.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll 2004-01-12 07:55 110592 C:\WINDOWS\SYSTEM32\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MpfService"=2 (0x2)
"MCVSRte"=2 (0x2)
"mcupdmgr.exe"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 00:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 00:16]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Fbus.sys [2006-11-10 10:55]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Fmdfl.sys [2006-11-10 10:55]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Fmdm.sys [2006-11-10 10:55]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Fmgmt.sys [2006-11-10 10:55]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);C:\WINDOWS\system32\DRIVERS\se2Fnd5.sys [2006-11-10 10:55]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Fobex.sys [2006-11-10 10:55]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);C:\WINDOWS\system32\DRIVERS\se2Funic.sys [2006-11-10 10:55]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49eb6caf-a46c-11db-bfe4-0011436d60b2}]
\Shell\AutoRun\command - E:\LaunchU3.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-02-25 12:10:23 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F9DF827A-8FA7-48A3-B268-CA4DB563EA40}"= C:\WINDOWS\system32\hgGyyvss.dll [2008-05-19 10:35 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGyyvss]
hgGyyvss.dll 2008-05-19 10:35 52736 C:\WINDOWS\SYSTEM32\hgGyyvss.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll 2004-01-12 07:55 110592 C:\WINDOWS\SYSTEM32\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MpfService"=2 (0x2)
"MCVSRte"=2 (0x2)
"mcupdmgr.exe"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 00:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 00:16]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Fbus.sys [2006-11-10 10:55]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Fmdfl.sys [2006-11-10 10:55]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Fmdm.sys [2006-11-10 10:55]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Fmgmt.sys [2006-11-10 10:55]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);C:\WINDOWS\system32\DRIVERS\se2Fnd5.sys [2006-11-10 10:55]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Fobex.sys [2006-11-10 10:55]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);C:\WINDOWS\system32\DRIVERS\se2Funic.sys [2006-11-10 10:55]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49eb6caf-a46c-11db-bfe4-0011436d60b2}]
\Shell\AutoRun\command - E:\LaunchU3.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-02-25 12:10:23 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"