Se connecter / S'enregistrer
Votre question

Help - infection indétectable

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Août 2008 16:49:59

Salut,

suite à un téléchargement ma machine fonctionne différemment.
j'ai essayé mon antivirus et anti spyware, mais rien n'y fait (ils ne voient rien).

Alors que je suis convaincu d'avoir "choper" une saloperie, car la machine répond régulièrement (et particulièrement sur le net) après un temps d'arrêt (au moins une seconde).

Avec mon petit outil de nettoyage (REGCLEANER) je vois des programmes qui se lancent au démarrage et qui ne sont nulle part (et quand je les suppriment, ils reviennent instantanément).
les noms des fichiers sont :
Boo
Hiberfil
lo
Msdos
Pagefile

Si quelqu'un connait une astuce pour me dépétrer de ce probleme.
Merci par avance

Autres pages sur : help infection indetectable

a b 8 Sécurité
20 Août 2008 23:14:26

Bonjour,

Qu'entends-tu par différemment ?
21 Août 2008 10:21:59

ça rame
l'ordi fait des "pauses" de plus de deux secondes sur le net !
Contenus similaires
a b 8 Sécurité
21 Août 2008 14:46:27

Re,

Ca ne veut pas dire infection :) 

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
22 Août 2008 08:47:29

Merci
c'est fait !
voici le résultat :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:46:47, on 22/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

a b 8 Sécurité
22 Août 2008 12:58:19

Pc apparemment propre.
22 Août 2008 14:52:59

alors je suis tombé sur une vraie "saloperie" si je peux me permettre l'expression.

si vous avez une astuce d'antivirus ou antispyware que je peux installer sur un CD bootable en mode sans echec, ce serait le mieux !

Merci par avance
a b 8 Sécurité
22 Août 2008 14:53:56

Nan mais c'est pas forcément une infection. Vraiment.
On dirait plus un pc qui freeze.
26 Août 2008 16:34:31

Re salut
visiblement c'est plus qu'un FREEZ
mon PC est bloqué, je ne peux aller sur certain sites.
j'ai essayé de passer antivirus et autre anti spyware, sans succés !!
revoici le rapport de HiJackThis
si vous pouvez de novueau m'aider.

Merci

Rapport :
---------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:14, on 26/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\samir\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [448c467f] rundll32.exe "C:\Windows\system32\wmcirddn.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O13 - Gopher Prefix:
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O20 - AppInit_DLLs: APSHook.dll acaptuser32.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6764 bytes
a b 8 Sécurité
26 Août 2008 17:47:49

Le log a évolué depuis.

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    27 Août 2008 10:39:02

    SAlut
    ça va beaucoup mieux !

    Merci bien !
    J'ai fait un mix de MalwaresBytes et Combofix (car combofix ne faisait que rebooter la machine dans un premier temps).
    Voici enfin le log de combofix :

    ComboFix 08-08-25.01 - samir 2008-08-27 8:12:20.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1201 [GMT 2:00]
    Endroit: C:\Users\samir\Desktop\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\Help\chscxdyv.fy
    C:\Windows\system32\drivers\atmapi.sys
    C:\Windows\System32\xwHQqBeg.ini
    C:\Windows\System32\xwHQqBeg.ini2

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_TDSSSERV
    -------\Service_sysrest.sys
    -------\Service_tdssserv


    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-27 to 2008-08-27 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-27 08:00 . 2008-08-27 08:00 <REP> d-------- C:\Users\samir\AppData\Roaming\Malwarebytes
    2008-08-27 08:00 . 2008-08-27 08:00 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-08-27 08:00 . 2008-08-27 08:00 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-27 08:00 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
    2008-08-27 08:00 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-08-27 07:58 . 2008-08-27 08:11 <REP> d-------- C:\327882R2FWJFW
    2008-08-26 17:21 . 2008-08-26 17:21 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-08-26 17:16 . 2008-08-26 17:17 361,512,120 --a------ C:\Windows\MEMORY.DMP
    2008-08-26 11:48 . 2008-08-26 11:48 <REP> d-------- C:\ProgramData\Grisoft
    2008-08-25 10:49 . 2008-08-25 10:49 <REP> d-------- C:\Program Files\Avast4
    2008-08-25 10:49 . 2008-07-19 16:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
    2008-08-22 14:11 . 2008-08-22 14:11 <REP> d--h----- C:\Windows\PIF
    2008-08-22 09:47 . 2008-08-22 09:47 98,816 --a------ C:\Windows\System32\das.an
    2008-08-22 09:47 . 2008-08-22 09:47 64,000 --a------ C:\Windows\System32\svgm.ck
    2008-08-22 09:47 . 2008-08-22 09:47 21,504 --a------ C:\Windows\System32\fmdc.rl
    2008-08-22 09:22 . 2008-08-22 09:22 54,156 --ah----- C:\Windows\QTFont.qfn
    2008-08-22 09:22 . 2008-08-22 09:22 1,409 --a------ C:\Windows\QTFont.for
    2008-08-19 15:42 . 2008-08-20 17:39 <REP> d-------- C:\Program Files\Passware
    2008-08-19 10:54 . 2008-08-19 10:54 <REP> d-------- C:\Windows\Downloaded Installations
    2008-08-18 13:53 . 2008-08-18 13:58 5 --a------ C:\Windows\System32\RavMonLog
    2008-08-14 12:28 . 1999-01-20 05:01 210,032 --a------ C:\Windows\System32\DBCLIENT.DLL
    2008-08-14 09:40 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
    2008-08-14 09:34 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-08-14 09:34 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll
    2008-08-14 09:34 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
    2008-08-14 09:33 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
    2008-08-14 09:33 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
    2008-08-13 10:50 . 2008-08-13 10:50 <REP> d-------- C:\Program Files\Resco
    2008-08-13 10:50 . 2008-08-13 10:50 <REP> d-------- C:\Program Files\Microsoft ActiveSync
    2008-08-13 10:50 . 2004-11-22 12:48 70,656 --a------ C:\Windows\RSetupCE.exe
    2008-08-12 15:55 . 2008-08-12 15:55 13,025 --a------ C:\Users\samir\AppData\Roaming\nvModes.dat
    2008-08-12 09:56 . 2008-08-12 09:56 5,680 --a------ C:\Windows\System32\drivers\psntkd20.sys
    2008-08-11 10:44 . 2008-08-12 09:20 <REP> d-------- C:\Users\samir\AppData\Roaming\Ulead Systems
    2008-08-11 10:44 . 2008-08-11 10:44 <REP> d-------- C:\ProgramData\Ulead Systems
    2008-08-11 10:28 . 1998-11-18 16:33 144,384 --a------ C:\Windows\System32\Iacenc.dll
    2008-08-11 10:28 . 1997-06-13 08:56 56,832 --a------ C:\Windows\System32\Iyvu9_32.dll
    2008-08-11 10:26 . 2008-08-11 10:26 <REP> d-------- C:\ProgramData\SmartSound Software Inc
    2008-08-11 10:26 . 2008-08-11 10:26 <REP> d-------- C:\Program Files\SmartSound Software
    2008-08-11 10:25 . 2008-08-11 10:25 <REP> d-------- C:\ProgramData\InstallShield
    2008-08-11 10:25 . 2008-08-11 10:25 <REP> d-------- C:\Program Files\Windows Media Components
    2008-08-11 10:25 . 2008-08-20 08:54 216 --a------ C:\Windows\Ulead32.ini
    2008-08-11 10:23 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
    2008-08-11 10:23 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Saved Games
    2008-08-11 10:23 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Links
    2008-08-11 10:22 . 2008-08-11 10:22 <REP> d-------- C:\Program Files\Ulead Systems
    2008-08-11 10:22 . 2008-08-11 10:22 <REP> d-------- C:\Program Files\Common Files\Ulead Systems
    2008-08-01 10:03 . 2008-08-01 10:03 <REP> d-------- C:\Windows\System32\config\systemprofile\AppData\Roaming\TeamViewer
    2008-08-01 08:39 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Pictures
    2008-08-01 08:39 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Music
    2008-08-01 08:39 . 2008-08-01 08:39 <REP> dr------- C:\Windows\System32\config\systemprofile\Downloads
    2008-08-01 08:38 . 2008-08-01 08:39 <REP> dr------- C:\Windows\System32\config\systemprofile\Videos
    2008-08-01 08:34 . 2008-08-11 10:23 <REP> dr------- C:\Windows\System32\config\systemprofile\Documents
    2008-07-29 15:47 . 2008-07-29 15:47 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared
    2008-07-29 15:47 . 2008-04-07 05:38 45,392 -ra------ C:\Windows\System32\AdobePDF.dll
    2008-07-29 15:47 . 2008-04-07 05:38 22,872 -ra------ C:\Windows\System32\AdobePDFUI.dll
    2008-07-29 11:20 . 2008-07-29 13:32 <REP> d-------- C:\Users\samir\AppData\Roaming\Download Manager
    2008-07-29 09:57 . 2008-07-29 09:57 278,528 --------- C:\Windows\Setup1.exe
    2008-07-29 09:57 . 2008-07-29 09:57 73,216 --a------ C:\Windows\ST6UNST.EXE
    2008-07-27 12:50 . 2008-07-27 12:50 335 --a------ C:\Windows\nsreg.dat

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-26 14:42 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-08-21 07:51 --------- d-----w C:\ProgramData\Microsoft Help
    2008-08-20 15:04 --------- d-----w C:\Program Files\Google
    2008-08-20 13:52 --------- d-----w C:\Users\samir\AppData\Roaming\FileZilla
    2008-08-20 11:46 --------- d-----w C:\Users\samir\AppData\Roaming\uTorrent
    2008-08-19 08:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-19 08:37 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-14 10:31 --------- d-----w C:\Program Files\Windows Mail
    2008-08-11 08:28 --------- d-----w C:\Program Files\Intel
    2008-08-11 08:25 --------- d-----w C:\ProgramData\Apple Computer
    2008-08-11 08:22 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-08-11 08:10 --------- d-----w C:\Program Files\Spybot
    2008-08-05 12:28 --------- d-----w C:\Program Files\FileZilla FTP Client
    2008-07-29 18:13 --------- d-----w C:\Program Files\activePDF
    2008-07-29 13:47 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-07-27 10:55 --------- d-----w C:\Program Files\Xobni
    2008-06-19 07:13 91,744 ----a-w C:\Windows\BPMNT.dll
    2008-06-19 07:13 71,749 ----a-w C:\Windows\hcextoutput.dll
    2008-06-19 07:13 333,576 ----a-w C:\Windows\TSC.exe
    2008-06-19 07:13 1,213,784 ----a-w C:\Windows\vsapi32.dll
    2008-06-19 07:09 69,689 ----a-w C:\Windows\UNZIP.DLL
    2008-06-19 07:09 507,904 ----a-w C:\Windows\TMUPDATE.DLL
    2008-06-19 07:09 286,720 ----a-w C:\Windows\PATCH.EXE
    2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-03-19 09:06 174 --sha-w C:\Program Files\desktop.ini
    2007-08-09 12:08 8,784 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
    2007-08-09 12:10 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
    "NoDispBackgroundPage"= 1 (0x1)
    "NoDispScrSavPage"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
    "NoAutoUpdate"= 1

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=APSHook.dll acaptuser32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.YV12"= yv12vfw.dll
    "vidc.i420"= i420vfw.dll
    "msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
    "msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
    "msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --a------ 2008-01-19 09:33 202240 C:\Program Files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001
    "UpdatesDisableNotify"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{E498BA1D-7285-438F-A7C8-6C4B821451A3}"= Profile=Private|C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{F8AB39F7-F8CD-47EB-BC12-E260A9787CAF}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{61A405CE-ECA3-4B04-AF18-5EC84E1A32A8}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
    "{F0142E74-A042-4ECF-A432-B8F922304B05}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1
    "{C5C23FEB-E08B-4729-99C6-BA21BE5DA9C1}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
    "{2714E2CA-6291-42E9-9C59-0E403C764508}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
    "{C52BB4DD-F10E-40EA-9CDA-11CF6CCA6D9B}"= UDP:1034:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
    "{DB8CC247-E48E-49A3-A3BB-ADB6D1EAB500}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
    "{C4397030-18D1-4647-BC97-2C9F239160D7}"= UDP:999:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
    "{D550476D-9382-44F6-9A72-4DDDBE441685}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
    "TCP Query User{1A5944DF-B11A-4874-9BBE-93C694573D34}C:\\program files\\ultravnc\\winvnc.exe"= UDP:C:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
    "UDP Query User{F354A96C-0ABF-4324-8F7A-094DE797D75F}C:\\program files\\ultravnc\\winvnc.exe"= TCP:C:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
    "TCP Query User{FFBC3C47-8A81-4F7A-8716-B7EF8B70275E}C:\\program files\\ultravnc\\winvnc.exe"= UDP:C:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
    "UDP Query User{970CEAC7-AE5C-48C6-98BC-155732F37ED3}C:\\program files\\ultravnc\\winvnc.exe"= TCP:C:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
    "TCP Query User{0F1BE759-F473-40A5-8796-0873A4316BEA}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{19F7A325-1546-4191-A88F-2EBD8C0D973B}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "{0F608306-D2B2-487A-9292-353523F1F0F1}"= UDP:1034:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
    "{00A56DA8-AB76-4D48-AC29-BADFF079FA8C}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
    "{7F0541DD-4F05-44AE-A9CF-0394AE3BBA03}"= UDP:999:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
    "{AFA6FB8A-00A0-4512-97CE-D2B752C3E43A}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8576ED6E-BAA3-432A-81CC-95DCF97480BB}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
    "{18FB49F9-48E7-4137-87BB-68D96DBE988B}"= Profile=Private|C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{5DE0D85F-D385-4D9F-8095-C7BB2DE47CE0}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
    "{9B3E3C8D-BC69-4319-8C41-963E8F09A852}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
    "TCP Query User{2E0866AA-D4E6-461E-B1F9-944E157069F2}C:\\program files\\sony ericsson\\update service\\update service.exe"= UDP:C:\program files\sony ericsson\update service\update service.exe:Update Service
    "UDP Query User{477A4BFF-8FE5-4283-955B-1653FCD9FFB7}C:\\program files\\sony ericsson\\update service\\update service.exe"= TCP:C:\program files\sony ericsson\update service\update service.exe:Update Service
    "{052B39A8-7AD3-4574-901F-AE61D42ADA2A}"= UDP:80:HTTP
    "{25A047ED-5BF1-4269-BE6E-3D610A8F70F8}"= TCP:137:10.0.0.0/255.0.0.0:127.0.0.0/255.0.0.0:172.16.0.0/255.240.0.0:192.168.0.0/255.255.0.0:p eer2Me - Allow Netbios IN (UDP/137)
    "{9B12A427-9993-465E-AEB2-CCF6F66F0B8C}"= TCP:138:10.0.0.0/255.0.0.0:127.0.0.0/255.0.0.0:172.16.0.0/255.240.0.0:192.168.0.0/255.255.0.0:p eer2Me - Allow Netbios IN (UDP/138)
    "{0350C2E6-6B22-4FD2-A527-AAF205FD59BF}"= UDP:139:10.0.0.0/255.0.0.0:127.0.0.0/255.0.0.0:172.16.0.0/255.240.0.0:192.168.0.0/255.255.0.0:p eer2Me - Allow Netbios IN (TCP/139)
    "{F195A172-57FD-4950-9357-8EC319F5F4F3}"= UDP:445:10.0.0.0/255.0.0.0:127.0.0.0/255.0.0.0:172.16.0.0/255.240.0.0:192.168.0.0/255.255.0.0:p eer2Me - Allow Netbios IN (TCP/445)
    "TCP Query User{C1B07E93-FBA9-4A9E-8A45-8C7275DEF9EA}C:\\users\\samir\\desktop\\dreamset213\\dreamset.exe"= UDP:C:\users\samir\desktop\dreamset213\dreamset.exe:D reamset.exe
    "UDP Query User{000A1D41-C122-47CF-B953-BA1919484845}C:\\users\\samir\\desktop\\dreamset213\\dreamset.exe"= TCP:C:\users\samir\desktop\dreamset213\dreamset.exe:D reamset.exe
    "TCP Query User{E64035DC-4AAD-4D57-924F-9053B40B4674}C:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "UDP Query User{7501CC3E-9E87-4F82-9D62-ED9931503FDF}C:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "TCP Query User{5C0B691A-29BA-47C6-B87B-AF957B8867BF}C:\\program files\\teamviewer3\\teamviewer.exe"= UDP:C:\program files\teamviewer3\teamviewer.exe:Application de pilotage à distance TeamViewer
    "UDP Query User{FDC708F0-4124-4F26-B0AA-8EFA3243B21D}C:\\program files\\teamviewer3\\teamviewer.exe"= TCP:C:\program files\teamviewer3\teamviewer.exe:Application de pilotage à distance TeamViewer
    "TCP Query User{F19C954D-1486-49D2-B358-ABCF28CF61AB}C:\\users\\samir\\appdata\\local\\temp\\ir_ext_temp_0\\autoplay\\docs\\commtest\\commtest.exe"= UDP:C:\users\samir\appdata\local\temp\ir_ext_temp_0\autoplay\docs\commtest\commtest.exe:commtest.exe
    "UDP Query User{8D81C2CC-4E53-41C9-8887-78D0691C6DDE}C:\\users\\samir\\appdata\\local\\temp\\ir_ext_temp_0\\autoplay\\docs\\commtest\\commtest.exe"= TCP:C:\users\samir\appdata\local\temp\ir_ext_temp_0\autoplay\docs\commtest\commtest.exe:commtest.exe
    "{4591AFF8-4856-40FB-BAA7-FF9434DC832D}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{92BB6809-2806-446D-8DBC-EA93EBFFFEA3}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "TCP Query User{1C539D27-9E06-4E52-AB67-5FD4A39FAA5E}C:\\program files\\homeplayer\\homeplayer.exe"= UDP:C:\program files\homeplayer\homeplayer.exe:HomePlayer
    "UDP Query User{74CB0E2C-CBDE-4671-8A58-652D42405250}C:\\program files\\homeplayer\\homeplayer.exe"= TCP:C:\program files\homeplayer\homeplayer.exe:HomePlayer
    "TCP Query User{232FE0EA-9007-4A51-8255-1DFE1597CB49}C:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "UDP Query User{C70BD9A3-408B-4C88-AD9B-829BC0091BC7}C:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "{878B09A3-5F32-487A-B057-30EE866C9FA0}"= Disabled:C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{85CCF88B-1E8D-471B-8927-A5EE4A6F8AA8}"= Disabled:C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{A96D395A-F551-4ED1-B7D5-9A0110EB53F3}"= UDP:C:\Windows\Temp\.tt5FB3.tmp:enable
    "{7D1DE353-4371-4D8C-826B-2FA39D1EE7E1}"= TCP:C:\Windows\Temp\.tt5FB3.tmp:enable

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35]
    R1 ItSDisk;ItSDisk;C:\Windows\system32\Drivers\ItSDisk.sys [2006-05-16 19:13]
    R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\system32\drivers\psd.sys [2007-01-23 14:07]
    R2 ASBroker;Courtier de session de connexion;C:\Windows\System32\svchost.exe [2008-01-19 09:33]
    R2 ASChannel;Canal de communication local;C:\Windows\System32\svchost.exe [2008-01-19 09:33]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\system32\drivers\LMIRfsDriver.sys [2007-08-03 16:09]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot\SDWinSec.exe [2008-07-30 14:45]
    R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\Windows\System32\StkCSrv.exe [2007-04-19 00:42]
    R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS [2007-05-12 05:09]
    R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;C:\Windows\system32\Drivers\StkCMini.sys [2007-06-06 04:40]
    S4 TINEKGWD;TINEKGWD;C:\Users\samir\AppData\Local\Temp\TINEKGWD.exe []
    S4 XobniService;XobniService;C:\Program Files\Xobni\XobniService.exe [2008-07-18 22:18]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    Cognizance REG_MULTI_SZ ASBroker ASChannel
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \shell\AutoRun\command - G:\jix9a.bat
    \shell\explore\Command - G:\jix9a.bat
    \shell\open\Command - G:\jix9a.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1dc210a-4789-11dd-bf17-001b77e74bad}]
    \shell\AutoRun\command - G:\DPFMate.exe
    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

    2008-08-21 C:\Windows\Tasks\Security Platform Backup Schedule.job
    - C:\Program Files\Infineon\Security Platform Software\SpBackupWz.exe [2007-02-22 16:25]

    2008-08-26 C:\Windows\Tasks\User_Feed_Synchronization-{DC9EE66E-81B7-412E-AA64-A4E59E36C07F}.job
    - C:\Windows\system32\msfeedssync.exe [2008-01-19 09:33]
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-OXNotifier - C:\Program Files\Outlook OXtender\OXNotifier.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\n67r9cao.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.gouzigouzi.fr/
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 4\plugins\npnul32.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-27 08:51:27
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cach‚s ...

    Balayage cach‚ autostart entries ...

    Balayage des fichiers cach‚s ...

    Scan termin‚ avec succŠs
    Les fichiers cach‚s: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Windows\System32\IFXSPMGT.exe
    C:\Windows\System32\IFXTCS.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
    C:\Windows\System32\IfxPsdSv.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\iashost.exe
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
    C:\Windows\System32\conime.exe
    C:\Program Files\ATK Hotkey\HControl.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files\Avast4\ashMaiSv.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Program Files\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ATK Hotkey\KBFiltr.exe
    C:\Windows\System32\wbem\unsecapp.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-08-27 8:57:28 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-08-27 06:57:05

    Pre-Run: 31,504,351,232 octets libres
    Post-Run: 30,451,064,832 octets libres

    289 --- E O F --- 2008-08-21 07:51:39


    Merci de m'aider à voir si tout est OK !!
    Merci
    a b 8 Sécurité
    27 Août 2008 14:46:06

    Reposte un rapport Hijackthis.
    27 Août 2008 14:52:10

    voici le rapport, et encore merci !!!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:49:25, on 27/08/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O13 - Gopher Prefix:
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 5592 bytes
    a b 8 Sécurité
    27 Août 2008 18:02:39

    Quel est ton antivirus ?
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS