
PC restarts on its own (I've already produced the reports)

Tags:
  • Internet Explorer
  • Security
23 March 2008 23:39:42

Hello,

So here is my problem. My PC restarts on its own! I don't understand why, but all of a sudden it restarts... To save us time, I've produced a few reports that should make it possible to help me.

HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:28:53, on 23/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_2\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_2\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7000 bytes

ComboFix report:


ComboFix 08-03-23.2 - HP_Propriétaire 2008-03-23 23:34:31.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.113 [GMT 1:00]
Endroit: C:\Documents and Settings\HP_Propriétaire\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\kmd.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-23 to 2008-03-23 ))))))))))))))))))))))))))))))))))))
.

2008-03-22 16:24 . 2008-03-22 16:33 <REP> d-------- C:\Program Files\Dofus
2008-03-17 16:58 . 2008-03-17 16:59 <REP> d-------- C:\Program Files\AutoIt3
2008-03-11 13:02 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-03-11 13:02 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2008-03-06 12:29 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-03-06 12:29 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-03-06 12:29 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-03-06 12:29 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-03-06 12:29 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-03-06 12:29 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-03-06 12:29 . 2003-11-04 15:11 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll
2008-03-06 12:29 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-03-06 12:29 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-03-04 20:14 . 2008-03-04 20:16 <REP> d-------- C:\Program Files\Ghost Navigator2_8_2
2008-03-04 17:51 . 2008-03-04 17:51 307,968 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-04 17:51 . 2008-02-27 13:15 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-03-04 16:23 . 2007-12-07 03:08 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-04 16:23 . 2007-07-01 04:31 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-04 16:23 . 2007-07-01 04:36 1,048,576 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-04 16:23 . 2007-12-07 03:08 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-04 16:23 . 2007-12-07 03:08 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-04 16:23 . 2007-12-07 03:08 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-04 16:23 . 2007-12-07 03:08 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-04 16:23 . 2007-12-07 03:08 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-04 16:23 . 2007-12-06 12:00 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-04 16:22 . 2008-03-04 16:23 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-03-04 16:15 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-04 16:02 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-04 16:02 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-04 16:02 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-03 22:13 . 2008-03-03 22:13 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-03 19:29 . 2007-02-28 17:02 2,182,400 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-03-03 19:29 . 2007-02-28 17:02 2,138,112 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-03-03 19:29 . 2007-02-28 17:02 2,059,648 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-03-03 19:29 . 2007-02-28 17:02 2,017,792 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-03-03 19:09 . 2008-03-03 22:13 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-03 17:45 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-03-03 11:21 . 2004-08-06 02:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-03-03 11:21 . 2008-03-03 11:21 1,844 -rahs---- C:\WINDOWS\system32\drivers\103C_HP_CPC_PX610AA-ABF t3028.fr_YC_0Pavi_QCZB520_E52FRheBLF2_47_ISalmon_SASUSTek Computer INC._V1.04_B3.12_T050420_WXH2_L40C_M512_J160_7AMD_8Sempron_91.81_#060913_N10390900_Z11C1048C_G10DE0322.MRK
2008-03-03 11:20 . 2006-09-13 02:54 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\WINDOWS
2008-03-03 11:20 . 2006-09-13 02:54 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\WINDOWS
2008-03-03 11:20 . 2008-03-03 11:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Voisinage réseau
2008-03-03 11:20 . 2008-03-03 11:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Voisinage réseau
2008-03-03 11:20 . 2004-11-24 09:37 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Voisinage d'impression
2008-03-03 11:20 . 2004-11-24 09:37 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Voisinage d'impression
2008-03-03 11:20 . 2008-03-03 11:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Modèles
2008-03-03 11:20 . 2008-03-03 11:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Modèles
2008-03-03 11:20 . 2008-03-22 20:16 <REP> dr------- C:\Documents and Settings\HP_Propriétaire\Mes documents
2008-03-03 11:20 . 2008-03-22 20:16 <REP> dr------- C:\Documents and Settings\HP_Propriétaire\Mes documents
2008-03-03 11:20 . 2008-03-03 11:22 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer
2008-03-03 11:20 . 2008-03-03 11:22 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer
2008-03-03 11:20 . 2008-03-03 11:22 <REP> dr------- C:\Documents and Settings\HP_Propriétaire\Favoris
2008-03-03 11:20 . 2008-03-03 11:22 <REP> dr------- C:\Documents and Settings\HP_Propriétaire\Favoris
2008-03-03 11:20 . 2008-03-23 22:47 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Bureau
2008-03-03 11:20 . 2008-03-23 22:47 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Bureau
2008-03-03 11:20 . 2008-03-03 11:22 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Symantec
2008-03-03 11:20 . 2006-09-13 03:03 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\SampleView
2008-03-03 11:20 . 2006-09-13 02:53 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer
2008-03-03 11:18 . 2006-09-13 02:54 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\WINDOWS
2008-03-01 18:26 . 2008-03-01 18:26 <REP> d-------- C:\Program Files\Valve

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 17:28 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Vidalia
2008-03-16 17:26 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Tor
2008-03-16 13:59 --------- d-----w C:\Program Files\eMule
2008-03-14 22:31 --------- d-----w C:\Program Files\Windows Live
2008-03-14 22:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-08 10:21 --------- d-----w C:\Program Files\Java
2008-03-04 16:51 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-04 16:49 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-04 15:19 --------- d-----w C:\Program Files\Google
2008-03-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2008-03-03 21:28 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-03 18:17 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-03-03 18:17 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-03-03 18:17 --------- d-----w C:\Program Files\MSN Messenger
2008-03-03 18:17 --------- d-----w C:\Program Files\Microsoft Works
2008-03-03 18:17 --------- d-----w C:\Program Files\LimeWire
2008-03-03 18:17 --------- d-----w C:\Program Files\Easy Internet signup
2008-03-03 18:17 --------- d-----w C:\Program Files\DivX
2008-03-03 18:17 --------- d-----w C:\Program Files\CamStudio
2008-03-03 10:32 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-03-03 10:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-03 10:31 --------- d-----w C:\Program Files\Symantec
2008-03-03 10:21 1,844 --sha-r C:\WINDOWS\system32\drivers\103C_HP_CPC_PX610AA-ABF t3028.fr_YC_0Pavi_QCZB520_E52FRheBLF2_47_ISalmon_SASUSTek Computer INC._V1.04_B3.12_T050420_WXH2_L40C_M512_J160_7AMD_8Sempron_91.81_#060913_N10390900_Z11C1048C_G10DE0322.MRK
2008-02-28 18:18 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Screenshot Sender
2008-02-22 21:03 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-21 22:15 --------- d-----w C:\Program Files\Opera
2008-02-13 15:51 --------- d-----w C:\Program Files\Veoh Networks
2008-02-08 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-08 18:56 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-08 18:56 --------- d-----w C:\Program Files\Avira
2008-02-08 18:55 --------- d-----w C:\Program Files\Windows Journal Viewer
2008-02-08 18:54 --------- d-----w C:\Program Files\Fichiers communs\Teleca Shared
2008-02-08 18:54 --------- d-----w C:\Program Files\ArtMoney
2008-02-08 18:52 --------- d-----w C:\Program Files\Cheat Engine
2008-02-08 18:50 --------- d-----w C:\Program Files\Vidalia Bundle
2008-02-08 18:49 --------- d-----w C:\Program Files\Lavasoft
2008-02-07 21:29 --------- d-----w C:\Program Files\Intuisphere
2008-01-30 16:05 17,186 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-11-24 20:24 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-11-07 18:41 6,613 ----a-w C:\Program Files\BURHAN.txt
2007-10-24 18:01 14 ----a-w C:\Program Files\nomutil.txt
2007-06-29 18:05 5,818 ----a-w C:\Program Files\log.txt
2006-11-05 16:25 54,030 ----a-w C:\Program Files\log_cd0.txt
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-06 02:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-07 13:09 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 00:04 52736]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-30 04:23 4603904]
"nwiz"="nwiz.exe" [2004-09-30 04:23 921600 C:\WINDOWS\system32\nwiz.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 01:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-08 02:53 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-08 02:43 659456]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-12 03:02 61440]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 22:04 278528]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-15 04:43 233472]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-08 04:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-26 05:17 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 05:54 253952]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 00:23 663552]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-31 11:42 249896]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Privoxy.lnk
backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
--a------ 2007-06-02 04:27 12112384 C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\big_next\\counter-strike\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\big_next\\condition zero\\hl.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\big_next\\day of defeat\\hl.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-06 02:00]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 13:08]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-04 17:51]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0341065e-96bd-11d9-b51a-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-03 10:25:16 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
- C:\Program Files\Easy Internet signup\HPSdpApp.exe
"2008-03-23 22:00:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2006-09-13 02:12:53 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-03-23 21:59:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-23 23:37:57
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-23 23:38:56
ComboFix-quarantined-files.txt 2008-03-23 22:38:47
ComboFix2.txt 2008-02-10 10:55:50
ComboFix3.txt 2007-12-29 23:01:26
.
2008-03-12 10:53:47 --- E O F ---


Uh, also, when I ran ComboFix, my taskbar turned black and the icons on my desktop are no longer there. Is that normal?


25 March 2008 11:46:37

Really, nobody? :'(
26 March 2008 16:57:26

Never mind...