|
| |||||||
| S'inscrire | Site Spy | Liste des membres | Faire un don | Recherche | Aujourd'hui, les postes | Marquer les forums comme lus | Forum Rules |
 |
 |
| | Thread Tools |
|
#1
6 novembre 2008, 02:16
| |||
| |||
| Virus: iexplore.exe que processus système Je n'arrive pas à fermer iexplore.exe, même quand il n'y a pas ouvert l'explorateur windows. Annonces toujours pop up de temps en temps. J'entends aussi la voix ad / bruits en arrière-plan. Il est gênant et je pense que la performance du système a ralenti. S'il vous plaît, aidez. Ceci est mon log HijackThis: Logfile de HijackThis v1.99.1 Scan sauvé à 4:15:28 AM, le 11.6.2008 Plate-forme: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Running processes: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswupdsv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ Explorer.EXE C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe C: \ WINDOWS \ RTHDCPL.EXE C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe C: \ PROGRA ~ 1 \ Common ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ WINDOWS \ System32 \ PSIService.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Common Files \ PCSuite \ Services \ ServiceLayer.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashmaisv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Winamp \ winamp.exe C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe C: \ WINDOWS \ system32 \ s1S8Dh6X.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ HijackThis \ HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" O4 - HKLM \ .. \ Run: [Cpu Level Up help] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM \ .. \ Run: [Alcmtr] alcmtr.exe O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKCU \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU " O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog O8 - Extra menu item: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 O8 - Extra du menu contextuel: Télécharger par easyMule - C: \ Program Files \ easyMule \ IE2EM.htm O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing) O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O10 - Unknown file dans Winsock LSP: c: \ program files \ bonjour \ mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International * O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984 O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O20 - Winlogon Notify: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswupdsv.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C: \ Program Files \ Alwil Software \ Avast4 \ ashmaisv.exe "/ service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing) O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C: \ WINDOWS \ System32 \ PSIService.exe O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ PCSuite \ Services \ ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe |
|
#2
6 novembre 2008, 09:37
| |||
| |||
| Virus: iexplore.exe que processus système Télécharger CCleaner Slim et de l'enregistrer sur votre bureau. Lorsque le fichier a été sauvegardé, allez sur votre bureau et double-cliquez sur ccsetupxxx_slim.exe Suivez les instructions pour installer le programme. Terminez l'installation puis:
---------- Maintenant, installez la nouvelle version du logiciel HijackThis et d'envoyer le log de celui-ci. Télécharger TrendMicro HijackThis.exe (HJT) pour le bureau.
__________________  |
|
#3
6e novembre 2008, 16:19
| |||
| |||
| Virus: iexplore.exe que processus système J'ai couru le CCleaner et réinstallé la nouvelle version du logiciel HijackThis. Logfile de Trend Micro HijackThis v2.0.2 Scan sauvé à 6:18:15 PM, le 11.6.2008 Plate-forme: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswupdsv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ Explorer.EXE C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe C: \ WINDOWS \ RTHDCPL.EXE C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ WINDOWS \ System32 \ PSIService.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Common Files \ PCSuite \ Services \ ServiceLayer.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashmaisv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ s1S8Dh6X.exe C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ acrord32.exe C: \ PROGRA ~ 1 \ Common ~ 1 \ PCSuite \ DATALA ~ 1 \ DATALA ~ 1.EXE C: \ WINDOWS \ system32 \ conime.exe C: \ Program Files \ CCleaner \ CCleaner.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ WINDOWS \ system32 \ Wuauclt.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" O4 - HKLM \ .. \ Run: [Cpu Level Up help] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Program Files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM \ .. \ Run: [Alcmtr] alcmtr.exe O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKCU \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU " O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'Default user') O8 - Extra menu item: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 O8 - Extra du menu contextuel: Télécharger par easyMule - C: \ Program Files \ easyMule \ IE2EM.htm O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - ESC Trusted Zone: http:// *. update.microsoft.com O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984 O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswupdsv.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashmaisv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C: \ WINDOWS \ System32 \ PSIService.exe O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ PCSuite \ Services \ ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe -- Fin de file - 7422 bytes Quelle est la prochaine étape? Merci pour votre aide. |
|
#4
6 novembre 2008, 16:53
| |||
| |||
| Virus: iexplore.exe que processus système Pour scanner des fichiers suspects S'il vous plaît aller à VirSCAN.org FREE scan en ligne de services (Si plus d'un fichier scanné besoins, ils doivent être fait séparément et les journaux affichés pour chacun) 1. Copiez et collez le fichier suivant dans le chemin Pour scanner des fichiers suspects case sur le haut de la page. Code: C: \ WINDOWS \ system32 \ s1S8Dh6X.exe 3. Presse Ctrl + V sur le clavier (les deux en même temps) pour coller le chemin du fichier dans la fenêtre. 4. Cliquez sur le Envoyer bouton. Cela effectuer une analyse sur plusieurs moteurs de scan de virus différents. Votre dossier sera peut-être entrés dans une file d'attente qui prend normalement moins d'une minute pour effacer. Important: Attendez que tous les moteurs d'analyse à compléter. 5. Une fois le balayage est terminé faites défiler vers le bas et cliquez sur le Copier dans le Presse-papiers bouton. Cela vous permettra de copier le lien du rapport dans le Presse-papiers. 6. Collez le contenu du Presse-papiers dans votre prochaine réponse.
__________________ |
|
#5
6e novembre 2008, 17:19
| |||
| |||
| Virus: iexplore.exe que processus système Voici le presse-papiers pour le fichier d'informations sur s1S8Dh6X.exe. Informations sur les fichiers Nom du fichier: s1S8Dh6X.exeFile Taille: 62464 byteFile Type: PE32 exécutable pour MS Windows (GUI) Intel 80386 32-bitMD5: 895f4e2eed5a30e317460e66989042d0SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cfScanner résultats des résultats du scanner: Scanner à 8% (3 / 39) a malware! Time: 2008 / 11/06 19:15:08 (EST)Scanner  Moteur de VerSig VerDate de SigRésultat du scanHeurea-squared4.0.0.232008.11.032008-11-03--1.832AhnLab V32008.11.07.012008.11.072008-11-07-- 0.987AntiVir7.9.0.267.1.0.492008-11-06-- 1.503Antiy2.0.1820081106.15602992008-11-06-- 0.122Arcavir1.0.52008110611442008-11-06-- 1.227Authentium5.1.12008110611422008-11-06-- 1.367AVAST! 3.0.1081106-02008-11-06-- 0.725AVG7.5.52.442270.9.0/17722008-11-06Clicker.TXO 1.691BitDefender7.60825.20709477.217192008-11-07-- 3.401CA (FEP) 9.0.0.14331.6.61952008-11-06-- 7.230ClamAV0.9485842008-11-07-- 0.021Comodo2.112.0.0.6992008-11-06-- 0.422CP Secure1.1.0.7152008.11.062008-11-06-- 6.447Dr.Web4.44.0.91702008.11.062008-11-06-- 3.465ewido4.0.0.22008.11.062008-11-06-- 3.024F-Prot4.4.4.56200811062008-11-06-- 1.293F-Secure5.51.61002008.11.06.112008-11-06-- 3.681Fortinet2.81-3.1179.6922008-11-06-- 0.215GData19.1393/19.94200811072008-11-07-- 2.739IkarusT3.1.01.452008.11.06.718072008-11-06-- 3.517JiangMin11.0.7062008.11.062008-11-06-- 1.312Kaspersky5.5.102008.11.062008-11-06-- 0.034KingSoft2008.9.8.182008.11.6.202008-11-06-- 0.690McAfee5.3.0054262008-11-06-- 2.352Microsoft1.41042008.11.072008-11-07-- 8.785mks_vir2.012008.11.062008-11-06-- 2.720Norman5.93.015.93.002008-11-06-- 5.480nProtect2008-11-06.0023828662008-11-06-- 5.379Panda9.05.012008.11.062008-11-06-- 3.744Quick Heal9.502008.09.122008-09-12-- 2.520Rising20.021.02.32.002008-11-06-- 3.054Sophos2.80.04.352008-11-07Mal / EncPk-CZ 1.881Sunbelt3.1.1783.223742008-11-04-- 1.058Symantec1.3.0.2420081106.0042008-11-06Infostealer 0.046The Hacker6.3.1.1v001432008-11-06-- 0.445Trend Micro8.700-10045.642.172008-11-06-- 0.028VBA323.12.8.920081106.17172008-11-06-- 1.390ViRobot200811052008.11.052008-11-05-- 0.398VirusBuster4.5.11.1010.90.27/6712492008-11-06-- 0.876Thanks |
|
#6
6 novembre 2008, 17:30
| |||
| |||
| Virus: iexplore.exe que processus système |
|
#7
6 novembre 2008, 17:39
| |||
| |||
| Virus: iexplore.exe que processus système Télécharger ComboFix par SUBS de l'un des liens ci-dessous. Assurez-vous haut mettre à la Desktop. Lien # 1 Link # 2 ** Note: Il est important de le sauvegarder directement sur votre bureau Fermez tous les navigateurs Web. (Firefox, Internet Explorer, etc) avant de lancer ComboFix. Momentanément désactiver ton antivirus, Et tout antispyware protection en temps réel avant effectuer une analyse. Cliquez sur ce lien pour voir la liste des programmes de sécurité qui doit être désactivé et comment les désactiver. Double-cliquez sur combofix.exe et suivre les instructions. Pour Windows XP Systèmes d'installer la console de récupération: - Si vous utilisez Windows XP et n'avez pas déjà installé la console de récupération, s'il vous plaît vous assurer que votre connexion Internet est active (si possible) et cliquez sur Oui. - Si pour une raison quelconque, votre connexion à Internet ne fonctionne pas sur Non. -- Si vous n'utilisez pas Windows XP, vous ne serez pas invité. - Lorsque vous êtes invité à accepter le CLUF click OK. - Accepter le CLUF de Microsoft (Cliquez Oui). - Quand on vous dit que le RC est correctement installé sur OUI de poursuivre l'analyse des programmes malveillants. Lorsque vous avez terminé ComboFix va produire un journal pour vous. Publier le ComboFix log dans votre prochaine réponse. Important: Ne pas ComboFix clic de souris, la fenêtre en cours d'exécution. Cela mai à cause de décrochage. N'oubliez pas de réactiver votre antivirus et antispyware protection ComboFix est terminée.
__________________ |
|
#8
6 novembre 2008, 17:57
| |||
| |||
| Virus: iexplore.exe que processus système Log ComboFix ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00] Du: c: \ documents and settings \ MKJ \ Desktop \ ComboFix.exe . Créée à partir de ((((((((((((((((((((((((( Files 2008-10-07 au 2008-11-07 ))))))))))) )))))))))))))))))))) . 2008-11-06 18:15. 2008-11-06 18:15 d -------- <DIR> c: \ program files \ CCleaner 2008-11-06 03:51. 2008-11-06 03:51 d -------- <DIR> c: \ program files \ Trend Micro 2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Program Files \ Alwil Software 2008-11-06 02:10. 2008-11-06 02:10 d -------- <DIR> c: \ program files \ assemblées référence 2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache 2008-11-05 23:11. 2008-11-06 02:12 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Uniblue 2008-11-05 22:05. 2008-11-05 22:05 d -------- <DIR> c: \ documents and settings \ Administrateur \ Application Data \ Malwarebytes 2008-11-05 22:04. 2008-11-05 22:04 d -------- <DIR> c: \ documents and settings \ Administrateur 2008-11-05 16:34. 2008-11-05 16:34 d -------- <DIR> c: \ program files \ Xanga Uploader 2008-11-05 16:34. 2008-11-05 16:34 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \. Xuploader 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ program files \ Malwarebytes' Anti-Malware 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Malwarebytes 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Malwarebytes 2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ c: \ windows \ system32 \ drivers \ mbam.sys 2008-11-05 15:38. 2008-11-05 15:38 62.464 - a ------ c: \ windows \ system32 \ s1S8Dh6X.exe 2008-11-01 16:18. 2008-11-01 16:18 d -------- <DIR> c: \ windows \ system32 \ Iosubsys 2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Program Files \ Google 2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4.0 2008-10-28 01:19. 2008-10-28 01:19 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Nokia 2008-10-28 01:19. 2008-10-28 01:19 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Datalayer 2008-10-28 01:18. 2008-10-30 05:43 d -------- <DIR> c: \ documents and settings \ MKJ \ Phone Browser 2008-10-28 00:55. 2008-10-28 00:55 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ DivX 2008-10-28 00:54. 2008-10-28 00:54 d -------- <DIR> c: \ program files \ Windows Media Components 2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ c: \ windows \ system32 \ ISUSPM.cpl 2008-10-28 00:50. 2008-10-28 00:50 d -------- <DIR> c: \ program files \ DIFX 2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia 2008-10-28 00:50. 2008-10-28 00:58 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ PC Suite 2008-10-28 00:50. 2008-10-28 00:58 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ PC Suite 2008-10-28 00:50. 2008-10-28 00:50 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Downloaded Installations 2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ c: \ windows \ system32 \ drivers \ nmwcd.sys 2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ c: \ windows \ system32 \ nmwcdcls.dll 2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ c: \ windows \ system32 \ nmwcdcocls.dll 2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys 2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys 2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys 2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ c: \ windows \ system32 \ nmwcdlog.dll 2008-10-28 00:49. 2008-10-28 00:49 d -------- <DIR> c: \ windows \ Downloaded Installations 2008-10-28 00:49. 2008-10-28 00:51 d -------- <DIR> c: \ program files \ Nokia 2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ PCSuite 2008-10-27 23:54. 2008-10-27 23:54 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ EPSON 2008-10-27 21:55. 2008-10-27 21:55 d -------- <DIR> c: \ program files \ Ventrilo 2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-10-27 21:55. 2008-10-27 21:56 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Ventrilo 2008-10-27 21:13. 2008-11-06 19:50 160.100 - a ------ c: \ windows \ system32 \ nvapps.xml 2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ c: \ documents and settings \ All Users \ Application Data \ TEMP 2008-10-26 23:48. 2008-11-06 05:29 d -------- <DIR> c: \ program files \ easyMule 2008-10-26 13:53. 2008-10-26 13:53 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Viewpoint 2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iPod 2008-10-25 19:37. 2008-10-25 19:37 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Apple Computer 2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ c: \ windows \ system32 \ GEARAspi.dll 2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime 2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iTunes 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update 2008-10-25 19:36. 2008-10-25 19:36 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Apple Computer 2008-10-25 19:36. 2008-10-25 19:37 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ () 3276BE95_AF08_429F_A64F_CA64CB79BCF6 2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple 2008-10-25 19:35. 2008-10-25 19:35 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Apple 2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ c: \ windows \ system32 \ mucltui.dll 2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ c: \ windows \ system32 \ mucltui.dll.mui 2008-10-24 15:39. 2008-10-24 15:39 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Blizzard 2008-10-24 14:24. 2008-10-24 14:24 d -------- <DIR> c: \ program files \ Real 2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing partagée 2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Fichiers communs \ Real 2008-10-24 14:07. 2008-10-24 14:07 d -------- <DIR> c: \ documents and settings \ MKJ \ Logs 2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs 2008-10-24 10:05. 2008-10-27 21:15 d -------- <DIR> c: \ windows \ nView 2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe 2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ c: \ windows \ system32 \ NVUNINST.EXE 2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ c: \ windows \ system32 \ nvudisp.exe 2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe 2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ c: \ windows \ system32 \ nvdisp.nvu 2008-10-24 10:05. 2007-10-12 03:53 13312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys 2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ c: \ windows \ system32 \ nvnrm.nvu 2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin 2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu 2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu 2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ c: \ windows \ Ascd_log.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes 2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft 2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems 2008-10-28 05:55 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Ulead Systems 2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems 2008-10-28 05:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Ulead Systems 2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information 2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Fichiers communs \ Adobe 2008-10-24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll 2008-10-24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll 2008-10-24 14:51 --------- d ----- wc: \ program files \ microsoft frontpage 2008-10-24 07:55 --------- d ----- wc: \ program files \ MSN Messenger 2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2 2008-10-24 05:44 --------- d ----- wc: \ Program Files \ Winamp 2008-10-24 05:44 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Winamp 2008-10-24 05:40 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ acccore 2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6 2008-10-24 05:39 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL Downloads 2008-10-24 05:38 --------- d ----- wc: \ program files \ Point de vue 2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Viewpoint 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL OCP 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ acccore 2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment 2008-10-24 05:20 --------- d ----- wc: \ program files \ Windows Media Connect 2 2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX 2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak 2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek 2008-10-24 04:33 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Symantec 2008-10-24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared 2008-10-24 03:58 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ InstallShield 2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Fichiers communs \ InstallShield 2008-10-24 03:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Corel 2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS 2008-10-24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe 2008-10-24 03:08 --------- d ----- wc: \ program files \ profile 2008-10-24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr 2008-09-23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll 2008-09-15 12:12 1.846.400 ---- aw c: \ windows \ system32 \ Win32k.sys 2008-09-08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ Srv.sys 2008-08-29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe 2008-08-29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll 2008-08-26 07:24 826.368 ---- aw c: \ windows \ system32 \ wininet.dll 2008-08-14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe 2008-08-14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ ntkrnlpa.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Note * empty entries & legit entrées par défaut ne sont pas indiquées REGEDIT4 [HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)] 2008-10-23 02:37 147928 - a ------ c: \ program files \ easyMule \ modules \ IE2EM.dll [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntVersion \ Run] "CTFMON.EXE" = "c: \ windows \ system32 \ ctfmon.exe" [2008-04-13 15360] "\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272] "PcSync" = "c: \ program files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "PHIME2002ASync" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168] "Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120] "CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200] "Cpu Level Up help" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152] "ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704] "Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112] "TkBellExe" = "c: \ program files \ Fichiers communs \ Real \ Update_OB \ realsched.exe" [2008-10-24 185872] "QuickTime Task" = "c: \ program files \ QuickTime \ qttask.exe" [2008-09-06 413696] "iTunesHelper" = "c: \ program files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576] "NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608] "NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016] "Adobe Reader Speed Launcher" = "c: \ program files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792] "NSLauncher" = "c: \ program files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304] "avast!" = "c: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008-07-19 78008] "RTHDCPL" = "RTHDCPL.EXE" [2008-05-07 C: \ Windows \ RTHDCPL.exe] "nwiz" = "nwiz.exe" [2008-01-03 c: \ windows \ system32 \ nwiz.exe] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "CTFMON.EXE" = "c: \ windows \ System32 \ CTFMON.EXE" [2008-04-13 15360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32] "msacm.dvacm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm "msacm.divxa32" = DivXa32.acm "msacm.ulmp3acm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm "msacm.mpegacm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ AuthorizedApplications \ List] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" = "c: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enus-downloader.exe" = "c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" = "c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" = "c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" = "c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "c: \ \ Program Files \ \ easyMule \ \ emule.exe" = [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ GloballyOpenPorts \ List] "3724: TCP" = 3724: TCP: Blizzard Downloader: 3724 "12178: TCP" = 12178: TCP: BitComet 12178 TCP "12178: UDP" = 12178: UDP: BitComet 12178 UDP R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416] R2 aswFsBlk; aswFsBlk; c: \ windows \ system32 \ drivers \ aswF sBlk.sys [2008-07-19 20560] R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652] R3 NVHDA; Service pour NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560] . Contenu de la "Tâches planifiées" dossier 2008-11-01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job - C: \ program files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34] 2008-11-06 c: \ windows \ Tasks \ At1.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At10.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At11.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At12.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At13.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At14.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At15.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At16.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At17.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At18.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At19.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At2.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-07 c: \ windows \ Tasks \ At20.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At21.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At22.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At23.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At24.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At3.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At4.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At5.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At6.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At7.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At8.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] 2008-11-06 c: \ windows \ Tasks \ At9.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38] . - - - - ORPHELINS REMOVED - - - -- HKCU-Run-Uniblue RegistryBooster 2009 - c: \ program files \ Uniblue \ RegistryBooster \ RegistryBooster.exe MSConfigStartUp-Uniblue RegistryBooster 2009 - c: \ program files \ Uniblue \ RegistryBooster \ RegistryBooster.exe . Supplementary Scan ------- ------- . R0 -: HKCU-Main, Start Page = environ: blank R1 -: HKCU-Internet Settings, ProxyOverride = *. local O8 -: Add to Google Photos Screensa & ver - c: \ windows \ system32 \ GPhotos.scr/200 O8 -: Télécharger par easyMule - c: \ program files \ easyMule \ IE2EM.htm . ************************************************** ************************ catchme 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector par Gmer, http://www.gmer.net Rootkit scan 2008-11-06 19:54:20 Windows 5.1.2600 Service Pack 3 NTFS scanning processus cachés ... scanning hidden autostart entries ... de balayage des fichiers cachés ... scan effectué avec succès les fichiers cachés: 0 ************************************************** ************************ . Délai: 2008-11-06 19:54:45 ComboFix-quarantaine-files.txt 2008-11-07 00:54:42 Pre-Run: 41621639168 octets libres Post-Run: 41699291136 octets libres 396 --- EOF --- 2008-10-28 07:00:21 |
|
#9
6 novembre 2008, 18:28
| |||
| |||
| Virus: iexplore.exe que processus système Note: les instructions ci-dessous ont été créées spécifiquement pour cet utilisateur. Si vous n'êtes pas cet utilisateur, NE PAS suivre ces instructions, sous peine d'endommager le fonctionnement de votre système Supprimer ces fichiers / dossiers, comme suit: 1. Aller à Démarrer > Courir > Type Notepad.exe et cliquez sur OK pour ouvrir le Bloc-notes. Il devoir être Bloc-notes, Wordpad pas. 2. Copiez le texte ci-dessous dans la case code en mettant en lumière tout le texte et en appuyant sur Ctrl + C Code: Killall:: File:: c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Tasks \ At1.job c: \ windows \ Tasks \ At10.job C: \ Windows \ Tasks \ At11.job c: \ windows \ Tasks \ At12.job C: \ Windows \ Tasks \ At13.job C: \ Windows \ Tasks \ At14.job C: \ Windows \ Tasks \ At15.job C: \ Windows \ Tasks \ At16.job C: \ Windows \ Tasks \ At17.job C: \ Windows \ Tasks \ At18.job C: \ Windows \ Tasks \ At19.job C: \ Windows \ Tasks \ At2.job c: \ windows \ Tasks \ At20.job C: \ Windows \ Tasks \ At21.job C: \ Windows \ Tasks \ At22.job C: \ Windows \ Tasks \ At23.job C: \ Windows \ Tasks \ At24.job C: \ Windows \ Tasks \ At3.job c: \ windows \ Tasks \ At4.job c: \ windows \ Tasks \ At5.job c: \ windows \ Tasks \ At6.job c: \ windows \ Tasks \ At7.job c: \ windows \ Tasks \ At8.job c: \ windows \ Tasks \ At9.job 4. Ensuite, cliquez sur Fichier > Sauver 5. Nom du fichier CFScript.txt - Enregistrez le fichier sur votre bureau 6. Ensuite, faites glisser le CFScript (maintenez enfoncé le bouton gauche tout en faisant glisser le fichier) et déposez-le (la libération du bouton gauche de la souris) dans ComboFix.exe comme vous le voyez sur la capture d'écran ci-dessous. Important: Exécutez cette instruction attentivement!  ComboFix va commencer à exécuter, il suffit de suivre les instructions. Après un redémarrage (dans le cas où il demande de redémarrer l'ordinateur), il va produire un journal pour vous. Post que log (Combofix.txt) dans votre prochaine réponse. Note: Ne pas ComboFix clic de souris, la fenêtre en cours d'exécution. Cette mai cause votre système de gel
__________________ |
|
#10
6 novembre 2008, 18:37
| |||
| |||
| Virus: iexplore.exe que processus système Log ComboFix ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00] Du: c: \ documents and settings \ MKJ \ Desktop \ ComboFix.exe Interrupteurs de commande utilisés:: c: \ documents and settings \ MKJ \ Desktop \ CFScript.txt * Création d'un nouveau point de restauration FILE:: c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Tasks \ At1.job c: \ windows \ Tasks \ At10.job c: \ windows \ Tasks \ At11.job c: \ windows \ Tasks \ At12.job c: \ windows \ Tasks \ At13.job c: \ windows \ Tasks \ At14.job c: \ windows \ Tasks \ At15.job c: \ windows \ Tasks \ At16.job c: \ windows \ Tasks \ At17.job c: \ windows \ Tasks \ At18.job c: \ windows \ Tasks \ At19.job c: \ windows \ Tasks \ At2.job c: \ windows \ Tasks \ At20.job c: \ windows \ Tasks \ At21.job c: \ windows \ Tasks \ At22.job c: \ windows \ Tasks \ At23.job c: \ windows \ Tasks \ At24.job c: \ windows \ Tasks \ At3.job c: \ windows \ Tasks \ At4.job c: \ windows \ Tasks \ At5.job c: \ windows \ Tasks \ At6.job c: \ windows \ Tasks \ At7.job c: \ windows \ Tasks \ At8.job c: \ windows \ Tasks \ At9.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))) )))))))))))))))))))))))))))))))))))))))) . c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Tasks \ At1.job c: \ windows \ Tasks \ At10.job c: \ windows \ Tasks \ At11.job c: \ windows \ Tasks \ At12.job c: \ windows \ Tasks \ At13.job c: \ windows \ Tasks \ At14.job c: \ windows \ Tasks \ At15.job c: \ windows \ Tasks \ At16.job c: \ windows \ Tasks \ At17.job c: \ windows \ Tasks \ At18.job c: \ windows \ Tasks \ At19.job c: \ windows \ Tasks \ At2.job c: \ windows \ Tasks \ At20.job c: \ windows \ Tasks \ At21.job c: \ windows \ Tasks \ At22.job c: \ windows \ Tasks \ At23.job c: \ windows \ Tasks \ At24.job c: \ windows \ Tasks \ At3.job c: \ windows \ Tasks \ At4.job c: \ windows \ Tasks \ At5.job c: \ windows \ Tasks \ At6.job c: \ windows \ Tasks \ At7.job c: \ windows \ Tasks \ At8.job c: \ windows \ Tasks \ At9.job . Créée à partir de ((((((((((((((((((((((((( Files 2008-10-07 au 2008-11-07 ))))))))))) )))))))))))))))))))) . 2008-11-06 18:15. 2008-11-06 18:15 d -------- <DIR> c: \ program files \ CCleaner 2008-11-06 03:51. 2008-11-06 03:51 d -------- <DIR> c: \ program files \ Trend Micro 2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Program Files \ Alwil Software 2008-11-06 02:10. 2008-11-06 02:10 d -------- <DIR> c: \ program files \ assemblées référence 2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache 2008-11-05 23:11. 2008-11-06 02:12 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Uniblue 2008-11-05 22:05. 2008-11-05 22:05 d -------- <DIR> c: \ documents and settings \ Administrateur \ Application Data \ Malwarebytes 2008-11-05 22:04. 2008-11-05 22:04 d -------- <DIR> c: \ documents and settings \ Administrateur 2008-11-05 16:34. 2008-11-05 16:34 d -------- <DIR> c: \ program files \ Xanga Uploader 2008-11-05 16:34. 2008-11-05 16:34 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \. Xuploader 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ program files \ Malwarebytes' Anti-Malware 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Malwarebytes 2008-11-05 16:08. 2008-11-05 16:08 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Malwarebytes 2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ c: \ windows \ system32 \ drivers \ mbam.sys 2008-11-01 16:18. 2008-11-01 16:18 d -------- <DIR> c: \ windows \ system32 \ Iosubsys 2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Program Files \ Google 2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4.0 2008-10-28 01:19. 2008-10-28 01:19 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Nokia 2008-10-28 01:19. 2008-10-28 01:19 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Datalayer 2008-10-28 01:18. 2008-10-30 05:43 d -------- <DIR> c: \ documents and settings \ MKJ \ Phone Browser 2008-10-28 00:55. 2008-10-28 00:55 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ DivX 2008-10-28 00:54. 2008-10-28 00:54 d -------- <DIR> c: \ program files \ Windows Media Components 2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ c: \ windows \ system32 \ ISUSPM.cpl 2008-10-28 00:50. 2008-10-28 00:50 d -------- <DIR> c: \ program files \ DIFX 2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia 2008-10-28 00:50. 2008-10-28 00:58 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ PC Suite 2008-10-28 00:50. 2008-10-28 00:58 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ PC Suite 2008-10-28 00:50. 2008-10-28 00:50 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Downloaded Installations 2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ c: \ windows \ system32 \ drivers \ nmwcd.sys 2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ c: \ windows \ system32 \ nmwcdcls.dll 2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ c: \ windows \ system32 \ nmwcdcocls.dll 2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys 2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys 2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys 2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ c: \ windows \ system32 \ nmwcdlog.dll 2008-10-28 00:49. 2008-10-28 00:49 d -------- <DIR> c: \ windows \ Downloaded Installations 2008-10-28 00:49. 2008-10-28 00:51 d -------- <DIR> c: \ program files \ Nokia 2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ PCSuite 2008-10-27 23:54. 2008-10-27 23:54 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ EPSON 2008-10-27 21:55. 2008-10-27 21:55 d -------- <DIR> c: \ program files \ Ventrilo 2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-10-27 21:55. 2008-10-27 21:56 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Ventrilo 2008-10-27 21:13. 2008-11-06 20:34 160.100 - a ------ c: \ windows \ system32 \ nvapps.xml 2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ c: \ documents and settings \ All Users \ Application Data \ TEMP 2008-10-26 23:48. 2008-11-06 05:29 d -------- <DIR> c: \ program files \ easyMule 2008-10-26 13:53. 2008-10-26 13:53 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Viewpoint 2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iPod 2008-10-25 19:37. 2008-10-25 19:37 d -------- <DIR> c: \ documents and settings \ MKJ \ Application Data \ Apple Computer 2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ c: \ windows \ system32 \ GEARAspi.dll 2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime 2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Program Files \ iTunes 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour 2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update 2008-10-25 19:36. 2008-10-25 19:36 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Apple Computer 2008-10-25 19:36. 2008-10-25 19:37 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ () 3276BE95_AF08_429F_A64F_CA64CB79BCF6 2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple 2008-10-25 19:35. 2008-10-25 19:35 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Apple 2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ c: \ windows \ system32 \ mucltui.dll 2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ c: \ windows \ system32 \ mucltui.dll.mui 2008-10-24 15:39. 2008-10-24 15:39 d -------- <DIR> c: \ documents and settings \ All Users \ Application Data \ Blizzard 2008-10-24 14:24. 2008-10-24 14:24 d -------- <DIR> c: \ program files \ Real 2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing partagée 2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Fichiers communs \ Real 2008-10-24 14:07. 2008-10-24 14:07 d -------- <DIR> c: \ documents and settings \ MKJ \ Logs 2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs 2008-10-24 10:05. 2008-10-27 21:15 d -------- <DIR> c: \ windows \ nView 2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe 2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ c: \ windows \ system32 \ NVUNINST.EXE 2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ c: \ windows \ system32 \ nvudisp.exe 2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe 2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ c: \ windows \ system32 \ nvdisp.nvu 2008-10-24 10:05. 2007-10-12 03:53 13312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys 2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ c: \ windows \ system32 \ nvnrm.nvu 2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin 2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu 2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu 2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ c: \ windows \ Ascd_log.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes 2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft 2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems 2008-10-28 05:55 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Ulead Systems 2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems 2008-10-28 05:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Ulead Systems 2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information 2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Fichiers communs \ Adobe 2008-10-24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll 2008-10-24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll 2008-10-24 14:51 --------- d ----- wc: \ program files \ microsoft frontpage 2008-10-24 07:55 --------- d ----- wc: \ program files \ MSN Messenger 2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2 2008-10-24 05:44 --------- d ----- wc: \ Program Files \ Winamp 2008-10-24 05:44 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ Winamp 2008-10-24 05:40 --------- d ----- wc: \ documents and settings \ MKJ \ Application Data \ acccore 2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6 2008-10-24 05:39 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL Downloads 2008-10-24 05:38 --------- d ----- wc: \ program files \ Point de vue 2008-10-24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Viewpoint 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL OCP 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ AOL 2008-10-24 05:38 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ acccore 2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment 2008-10-24 05:20 --------- d ----- wc: \ program files \ Windows Media Connect 2 2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX 2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak 2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek 2008-10-24 04:33 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Symantec 2008-10-24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared 2008-10-24 03:58 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ InstallShield 2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Fichiers communs \ InstallShield 2008-10-24 03:54 --------- d ----- wc: \ documents and settings \ All Users \ Application Data \ Corel 2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS 2008-10-24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe 2008-10-24 03:08 --------- d ----- wc: \ program files \ profile 2008-10-24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr 2008-09-23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll 2008-09-15 12:12 1.846.400 ---- aw c: \ windows \ system32 \ Win32k.sys 2008-09-08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ Srv.sys 2008-08-29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe 2008-08-29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll 2008-08-26 07:24 826.368 ---- aw c: \ windows \ system32 \ wininet.dll 2008-08-14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe 2008-08-14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ ntkrnlpa.exe . ((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) ))))))))))))))))))))))))))))))) . - 2008-11-06 23:26:54 49.198 ---- aw c: \ windows \ system32 \ Perfc009.dat + 2008-11-07 00:54:48 49.198 ---- aw c: \ windows \ system32 \ Perfc009.dat - 2008-11-06 23:26:54 390.094 ---- aw c: \ windows \ system32 \ Perfh009.dat + 2008-11-07 00:54:48 390.094 ---- aw c: \ windows \ system32 \ Perfh009.dat + 2008-11-07 01:33:47 16.384 ---- ATW c: \ windows \ Temp \ Perflib_Perfdata_584.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Note * empty entries & legit entrées par défaut ne sont pas indiquées REGEDIT4 [HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)] 2008-10-23 02:37 147928 - a ------ c: \ program files \ easyMule \ modules \ IE2EM.dll [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntVersion \ Run] "CTFMON.EXE" = "c: \ windows \ system32 \ ctfmon.exe" [2008-04-13 15360] "\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272] "PcSync" = "c: \ program files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "PHIME2002ASync" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A" = "c: \ windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168] "Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120] "CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200] "Cpu Level Up help" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152] "ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ EnergySaving \ PwSave.exe" [2008-01-28 1352704] "Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112] "TkBellExe" = "c: \ program files \ Fichiers communs \ Real \ Update_OB \ realsched.exe" [2008-10-24 185872] "QuickTime Task" = "c: \ program files \ QuickTime \ qttask.exe" [2008-09-06 413696] "iTunesHelper" = "c: \ program files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576] "NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608] "NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016] "Adobe Reader Speed Launcher" = "c: \ program files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792] "NSLauncher" = "c: \ program files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304] "RTHDCPL" = "RTHDCPL.EXE" [2008-05-07 C: \ Windows \ RTHDCPL.exe] "nwiz" = "nwiz.exe" [2008-01-03 c: \ windows \ system32 \ nwiz.exe] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "CTFMON.EXE" = "c: \ windows \ System32 \ CTFMON.EXE" [2008-04-13 15360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32] "msacm.dvacm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm "msacm.divxa32" = DivXa32.acm "msacm.ulmp3acm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm "msacm.mpegacm" = c: \ progra ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnet3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx30SP1setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx35 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx3_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ dotnetfx [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx20SP2_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx30SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx35_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ fichier image exécution options \ NetFx64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ AuthorizedApplications \ List] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" = "c: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enus-downloader.exe" = "c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" = "c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" = "c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" = "c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "c: \ \ Program Files \ \ easyMule \ \ emule.exe" = [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ GloballyOpenPorts \ List] "3724: TCP" = 3724: TCP: Blizzard Downloader: 3724 "12178: TCP" = 12178: TCP: BitComet 12178 TCP "12178: UDP" = 12178: UDP: BitComet 12178 UDP R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416] R2 aswFsBlk; aswFsBlk; c: \ windows \ system32 \ drivers \ aswF sBlk.sys [2008-07-19 20560] R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652] R3 NVHDA; Service pour NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560] . Contenu de la "Tâches planifiées" dossier 2008-11-01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job - C: \ program files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34] . ************************************************** ************************ catchme 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector par Gmer, http://www.gmer.net Rootkit scan 2008-11-06 20:34:11 Windows 5.1.2600 Service Pack 3 NTFS scanning processus cachés ... scanning hidden autostart entries ... de balayage des fichiers cachés ... scan effectué avec succès les fichiers cachés: 0 ************************************************** ************************ . ------------------------ Autres processus en cours ----------------------- -- . c: \ program files \ Alwil Software \ Avast4 \ aswupdsv.exe c: \ program files \ Alwil Software \ Avast4 \ ashServ.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe c: \ program files \ Bonjour \ mDNSResponder.exe c: \ windows \ system32 \ nvsvc32.exe c: \ windows \ system32 \ PSIService.exe c: \ program files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe c: \ program files \ Alwil Software \ Avast4 \ ashmaisv.exe c: \ program files \ Alwil Software \ Avast4 \ ashWebSv.exe c: \ windows \ system32 \ rundll32.exe c: \ program files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Common Files \ PCSuite \ Services \ ServiceLayer.exe c: \ progra ~ 1 \ Common ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe . ************************************************** ************************ . Délai: 2008-11-06 20:36:06 - machine a redémarré ComboFix-quarantaine-files.txt 2008-11-07 01:36:02 ComboFix2.txt 2008-11-07 00:54:46 Pre-Run: 41668276224 octets libres Post-Run: 41678303232 octets libres 418 --- EOF --- 2008-10-28 07:00:21 Merci |
|
| |
| Bookmarks |
Similar Threads | ||||
| Fil | Thread Starter | Forum | Réponses | Last Post |
| System Idle Process Inférieur ou égal à 99 Cpu | sgonzalez90 | Systèmes d'exploitation Windows | 4 | 6 avr 2009 14:50 |
| Processus inactif du système - Gestionnaire des tâches de Windows | pest79456 | Systèmes d'exploitation Windows | 3 | 8 fév 2009 09:20 |
| En cliquant, les bips et caché processus iexplore.exe | adhoc | Virus, Spyware et sécurité | 5 | 7 oct 2008 18:44 |
| IEXPLORE.EXE système virus? HijackThis log, s'il vous plaît jeter un coup d'oeil. | samDd | Virus, Spyware et sécurité | 4 | 29e sept. 2008 17:13 |
| Problèmes avec les fenêtres pop-up et les processus en cours iexplore | 1carly1 | Virus, Spyware et sécurité | 3 | 15 fév 2008 10:36 |
| Thread Tools | |
| |
