Eradiquer un virus de type Bagle?

On passe à la vitesse supérieure alors.

Fais ceci, unquement si tu es sous XP 32bits.


/!\ ATTENTION SUIVRE À LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>>>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<<<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : DANGEREUX ! <<<<<<<<
=====================================================

? Surtout, pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur. Tout simplement car il ne sera pas détécté par l'infection.

Télécharge Combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\Choisis la version adéquate (32 ou 64 bits)/!\

=>Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

? Télécharge Defogger (de jpshortstuff) sur ton Bureau : http://www.jpshortstuff.247fixes.com/Defogger.exe

? Lance-le : Utilisateurs de Vista et Seven => Clic droit : Éxécuter en tant qu'administrateur.

Une fenêtre apparait : clique sur "Disable"

? Fais redémarrer l'ordinateur si l'outil te le demande.

>> N.B : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" <<

_________________________________________________________

>> Referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

Si tu as XP => double clique .
Si tu as Windows Vista ou Windows 7 => clic droit "Éxecuter en tant que Administrateur"

Sur le combofix renommé.

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

? !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....), sauf si l'outil te le demande !!!!! Cela peut planter complètement ton système !!!

? N'oublie pas de réactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

?? Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.


Si tu as des questions sur l'utilisation de Combofix, n'hésite pas à me les poser !

@+

Gabriel.

Plusieurs questions:

- Comment je peux vérifier si je suis sous XP 32 bit?
- Comment renommer combofix avant de l'enregistrer? En le sélectionnant dans la page des téléchargements ou est ce déjà trop tard?
- Je dois réactiver mes antivirus et anti-spyware avant de me reconnecter à internet, est ce que cela veut dire que je dois me déconnecter d'internet avant de lancer combofix?

J'ai oublié une autre question. Est ce que je dois connecter mes supports externes (disques durs, clefs Usb, etc...) comme pour MBAM?

a+

Salut,

Non, laisse tout déconnecté.
Tu es bien sous XP 32bits, ou du moins, c'est ce qui est dit sur les rapports.

Tu fais enregistrer sous : Tonprenom.exe
@+

Gabriel.

Salut,

Merci encore pour votre aide car je dois avouer que cella ressemble à du chinois pour moi.

a+

Voici le rapport combofix:


ComboFix 11-10-15.04 - JEAN-MICHEL 16/10/2011 17:45:32.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1024.722 [GMT 2:00]
Lancé depuis: c:\documents and settings\JEAN-MICHEL\Bureau\jmj.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Antivirus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Sophos Anti-Virus *Disabled/Outdated* {3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD}
.
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\hpe27.dll
c:\documents and settings\All Users\Application Data\hpeC5.dll
c:\documents and settings\CHRISTELE\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\GUILLAUME\WINDOWS
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\159812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\160062.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\160328.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\160625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\160937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\161015.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\161125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\161593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\162000.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\162125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\162437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\164359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\166828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\167078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\167328.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\167437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\167562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\167953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\168312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\168921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\169781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\169937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\170156.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\173875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\177187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\177671.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\178875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\179312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\179734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\179984.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\180265.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\181578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\182968.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\184359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\185703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\186203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\186734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\187125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\187562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\188437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\189312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\189781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\190296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\190500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\190625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\190750.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\190906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\191843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\192812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\193171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\193562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\194343.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\194906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\195046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\195203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\195484.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\195812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\196500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\197046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\218312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\219296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\220328.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\220703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\221937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\222140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\222531.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\222828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\224468.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\225953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\227187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\228359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\228515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\228671.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\228843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\228968.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\229234.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\229546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\230031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\230546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\231109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274000.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\274921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\275281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\275453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\275671.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276375.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\276906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\277281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\277703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\277937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320640.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\320984.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\321140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\321343.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\321515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\321921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\322531.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\323171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\323734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\323906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\324078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\324406.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\324625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\325078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\325421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\326234.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\326703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\329562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\331984.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\332203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\332406.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\332578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\342359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\342765.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\343109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\343625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\344171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\344500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\345171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\345453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\345750.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\347859.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\350015.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\350187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\350359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\350687.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\350937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\357359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\363421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\363875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\364343.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\364656.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\364968.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\365312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\365578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\365671.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\365812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\365937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\366109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\366500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\366906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\367421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\368031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\368234.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\368421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\368703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\368984.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\369078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\369203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\369750.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370687.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\370921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\371046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\371578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\372125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\372640.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\373234.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\373500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\373812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\374203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\374515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\374625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\374781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\376078.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\377421.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\377546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\377703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\377906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\378187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\378453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\378750.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\378828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\378937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\379296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\379687.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\379812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\380015.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\389031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\391265.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\391484.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\391734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\391812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\391937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\392265.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\392703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\393234.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\393984.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\394171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\394484.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\397953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\401500.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\401812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\402718.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\403109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\403515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\403765.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\404046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\405531.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\407140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\408437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\409859.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\410375.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\410921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\411296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\411734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\412593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\413484.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\413937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\414453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\414531.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\414671.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\414781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\414937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\415875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\416906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\417265.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\417656.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\418187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\418812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\418937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\419109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\419406.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\419750.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\420218.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\420796.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\442015.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\442937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\443890.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\444265.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\444765.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\444875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\445046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\445171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\445375.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\445515.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\445718.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\446046.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\446453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\447687.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\449140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\455781.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\463843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\463968.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\464140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\464203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\464343.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\464578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\464859.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\465312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\465859.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\466437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509015.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509390.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\509843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\510187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\510359.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\510578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\510812.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511250.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511406.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511468.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\511953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\512390.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\512468.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\554546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\554625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\554796.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\554953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\555734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\555843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\556000.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\556125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\556312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\556703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\557156.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\557703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\558312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\558406.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\558546.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\558703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\558890.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\559171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\559531.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\560062.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\560625.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\562875.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\565171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\565296.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\565484.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\565593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\570468.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\570765.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\571125.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\571609.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\572156.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\572453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\573062.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\573312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\573609.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\575703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\577843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\578000.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\578203.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\578734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\578968.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\584937.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\590687.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\591109.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\591562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\591843.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\592187.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\592437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\592703.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\592796.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\592921.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\593031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\593218.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\593593.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\594031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\594578.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\595140.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\595281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\595468.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\595718.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\596000.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\596062.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\596171.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\596562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597031.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597156.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597328.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597437.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597562.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597656.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\597765.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\598281.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\598828.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\599375.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\599953.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\600328.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\600640.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\600906.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\601218.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\601312.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\601453.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\downld\602734.exe
c:\documents and settings\JEAN-MICHEL\Application Data\drivers\winupgro.exe
c:\documents and settings\JEAN-MICHEL\Application Data\Install.dat
c:\documents and settings\JEAN-MICHEL\Local Settings\Application Data\eiwguge.dat
c:\documents and settings\JEAN-MICHEL\Local Settings\Application Data\eiwguge_nav.dat
c:\documents and settings\JEAN-MICHEL\Local Settings\Application Data\eiwguge_navps.dat
c:\documents and settings\JEAN-MICHEL\Mes documents\Readiris.DUS
c:\documents and settings\JEAN-MICHEL\WINDOWS
c:\program files\messenger\msmsgsin.exe
c:\program files\SoftwareOnline
c:\program files\SoftwareOnline\soproc.exe
c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\readme.txt
c:\windows\bwUnin-6.1.4.36-8876480L.exe
c:\windows\bwUnin-6.1.4.68-8876480L.exe
c:\windows\bwUnin-7.2.0.137-8876480SL.exe
c:\windows\bwUnin-7.2.0.157-8876480SL.exe
c:\windows\Fonts\acrsec.fon
c:\windows\Fonts\acrsecB.fon
c:\windows\Fonts\acrsecI.fon
c:\windows\install.exe
c:\windows\iun6002.exe
c:\windows\smdat32m.sys
c:\windows\system32\_004219_.tmp.dll
c:\windows\system32\_004220_.tmp.dll
c:\windows\system32\_004221_.tmp.dll
c:\windows\system32\_004228_.tmp.dll
c:\windows\system32\_004229_.tmp.dll
c:\windows\system32\_004230_.tmp.dll
c:\windows\system32\_004231_.tmp.dll
c:\windows\system32\_004232_.tmp.dll
c:\windows\system32\_004233_.tmp.dll
c:\windows\system32\_004234_.tmp.dll
c:\windows\system32\_004235_.tmp.dll
c:\windows\system32\_004236_.tmp.dll
c:\windows\system32\_004238_.tmp.dll
c:\windows\system32\_004239_.tmp.dll
c:\windows\system32\_004240_.tmp.dll
c:\windows\system32\_004242_.tmp.dll
c:\windows\system32\_004244_.tmp.dll
c:\windows\system32\_004245_.tmp.dll
c:\windows\system32\_004246_.tmp.dll
c:\windows\system32\_004250_.tmp.dll
c:\windows\system32\_004251_.tmp.dll
c:\windows\system32\_004252_.tmp.dll
c:\windows\system32\_004253_.tmp.dll
c:\windows\system32\_004254_.tmp.dll
c:\windows\system32\_004255_.tmp.dll
c:\windows\system32\_004256_.tmp.dll
c:\windows\system32\_004258_.tmp.dll
c:\windows\system32\_004259_.tmp.dll
c:\windows\system32\_004260_.tmp.dll
c:\windows\system32\_004261_.tmp.dll
c:\windows\system32\_004264_.tmp.dll
c:\windows\system32\_004265_.tmp.dll
c:\windows\system32\_004266_.tmp.dll
c:\windows\system32\_004267_.tmp.dll
c:\windows\system32\_004268_.tmp.dll
c:\windows\system32\_004269_.tmp.dll
c:\windows\system32\_004270_.tmp.dll
c:\windows\system32\_004272_.tmp.dll
c:\windows\system32\_004273_.tmp.dll
c:\windows\system32\_004274_.tmp.dll
c:\windows\system32\_004275_.tmp.dll
c:\windows\system32\_004276_.tmp.dll
c:\windows\system32\_004278_.tmp.dll
c:\windows\system32\_004280_.tmp.dll
c:\windows\system32\_004281_.tmp.dll
c:\windows\system32\_004282_.tmp.dll
c:\windows\system32\_004286_.tmp.dll
c:\windows\system32\_004287_.tmp.dll
c:\windows\system32\_004289_.tmp.dll
c:\windows\system32\_004292_.tmp.dll
c:\windows\system32\_004294_.tmp.dll
c:\windows\system32\_004296_.tmp.dll
c:\windows\system32\_004297_.tmp.dll
c:\windows\system32\_004300_.tmp.dll
c:\windows\system32\_004301_.tmp.dll
c:\windows\system32\_004302_.tmp.dll
c:\windows\system32\_004303_.tmp.dll
c:\windows\system32\_004304_.tmp.dll
c:\windows\system32\_004309_.tmp.dll
c:\windows\system32\4c99mnau.dat
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_srosa
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-09-16 au 2011-10-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-10-16 14:49 . 2011-10-16 14:49 -------- d-----w- c:\documents and settings\JEAN-MICHEL\Application Data\Malwarebytes
2011-10-16 14:33 . 2011-10-16 14:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-10-16 14:32 . 2011-10-16 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-16 14:32 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-15 15:00 . 2011-10-16 12:33 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-10-15 14:56 . 2011-10-16 12:33 -------- d-----w- C:\ZHP
2011-10-15 14:56 . 2011-10-16 12:33 -------- d-----w- c:\program files\ZHPDiag
2011-10-12 20:07 . 2011-10-12 20:13 -------- d-----w- c:\program files\VS Revo Group
2011-10-12 15:42 . 2011-10-16 15:58 -------- d--h--w- c:\documents and settings\JEAN-MICHEL\Application Data\drivers
2011-09-25 15:54 . 2011-09-25 15:54 -------- d-----w- c:\program files\FreeTime
2011-09-25 15:20 . 2011-09-25 15:20 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2002-09-23 13:10 606208 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2010-08-09 20:48 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 18:11 . 2011-09-06 18:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2005-06-26 14:46 . 2005-06-26 14:47 774144 -c----w- c:\program files\RngInterstitial.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1207080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2002-09-20 90112]
"LTSMMSG"="LTSMMSG.exe" [2002-07-20 32768]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"nwiz"="nwiz.exe" [2002-11-06 315392]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 1468256]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2002-11-06 4243456]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
hp psc 2000 Series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2002-6-27 323646]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"ForceStartMenuLogoff"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Aide de Print Artist 8.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Aide de Print Artist 8.lnk
backup=c:\windows\pss\Aide de Print Artist 8.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Convertir les documents de PA 4.x à PA 8..lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Convertir les documents de PA 4.x à PA 8..lnk
backup=c:\windows\pss\Convertir les documents de PA 4.x à PA 8..lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Fichier d'aide du convertisseur de documents PA 8..lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Fichier d'aide du convertisseur de documents PA 8..lnk
backup=c:\windows\pss\Fichier d'aide du convertisseur de documents PA 8..lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lisez-moi Print Artist 8.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lisez-moi Print Artist 8.lnk
backup=c:\windows\pss\Lisez-moi Print Artist 8.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^officejet 6100.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\officejet 6100.lnk
backup=c:\windows\pss\officejet 6100.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PA8 Manuel.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PA8 Manuel.lnk
backup=c:\windows\pss\PA8 Manuel.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Print Artist 8.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Print Artist 8.lnk
backup=c:\windows\pss\Print Artist 8.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Site Web de Sierra.URL]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Site Web de Sierra.URL
backup=c:\windows\pss\Site Web de Sierra.URLCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^SMCWUSB-G 802.11g Wireless USB Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\SMCWUSB-G 802.11g Wireless USB Utility.lnk
backup=c:\windows\pss\SMCWUSB-G 802.11g Wireless USB Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Visite Guidée.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Visite Guidée.lnk
backup=c:\windows\pss\Visite Guidée.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^JEAN-MICHEL^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk]
path=c:\documents and settings\JEAN-MICHEL\Menu Démarrer\Programmes\Démarrage\Outil de notification Live Search.lnk
backup=c:\windows\pss\Outil de notification Live Search.lnkStartup
.
[HKLM\~\startupfolder\C:^DOCUME~1^ALLUSE~1^Menu Démarrer^Programmes^Démarrage^Uninstall Print Artist 8.lnk]
path=c:\docume~1\ALLUSE~1\Menu Démarrer\Programmes\Démarrage\Uninstall Print Artist 8.lnk
backup=c:\windows\pss\Uninstall Print Artist 8.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 -c----w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ezShieldProtector for Px]
2002-08-20 09:29 40960 ------w- c:\windows\system32\ezSP_Px.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-11-12 12:05 2474031 -c----w- c:\program files\Free Download Manager\fdm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-26 14:13 1207080 ------w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 00:54 417792 ------w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-11 03:19 69632 -c----w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-03-27 07:55 24103720 ------r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
2002-06-17 23:01 155648 -c--a-w- c:\program files\VERITAS Software\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 -c----w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakDUN]
2001-09-19 22:29 720896 -c--a-w- c:\program files\TweakDUN\tweakdun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebClient"=2 (0x2)
"UPS"=3 (0x3)
"seclogon"=2 (0x2)
"SCardSvr"=3 (0x3)
"PolicyAgent"=2 (0x2)
"NVSvc"=2 (0x2)
"LmHosts"=2 (0x2)
"Browser"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\P2P\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4262:TCP"= 4262:TCP:127.0.0.1
"4272:UDP"= 4272:UDP:127.0.0.1
"6346:TCP"= 6346:TCP:SHAREAZA
"6346:UDP"= 6346:UDP:SHAREAZA
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"51858:TCP"= 51858:TCP:µtorrent
"5188:UDP"= 5188:UDP:µtorrent
"3587:TCP"= 3587:TCP:Groupement homologue Windows
"3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08/03/2011 00:53 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30/11/2008 21:17 717296]
R2 Iprip;Écouteur RIP;c:\windows\System32\svchost.exe -k netsvcs [02/12/2002 13:57 14336]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [17/01/2010 20:36 90112]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [24/07/2011 14:49 632792]
R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [31/07/2002 22:33 815819]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [17/01/2010 20:40 27632]
S2 gupdate1c9b69289770e32;Service Google Update (gupdate1c9b69289770e32);c:\program files\Google\Update\GoogleUpdate.exe [06/04/2009 10:34 133104]
S2 sbbotdi;sbbotdi;\??\c:\progra~1\SPEEDB~1\sbbotdi.sys --> c:\progra~1\SPEEDB~1\sbbotdi.sys [?]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [06/04/2009 10:34 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [22/11/2010 10:50 15232]
S3 nenum13E;nenum13E;\??\c:\docume~1\JEAN-M~1\LOCALS~1\Temp\nenum13E.sys --> c:\docume~1\JEAN-M~1\LOCALS~1\Temp\nenum13E.sys [?]
S3 PID_0960_V;Logitech ClickSmart 420(PID_0960_V);c:\windows\system32\drivers\LVVIMULB.SYS [18/09/2003 21:22 163328]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [17/01/2010 20:17 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [17/01/2010 20:17 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [17/01/2010 20:17 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [17/01/2010 20:17 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [17/01/2010 20:17 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [17/01/2010 20:17 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [17/01/2010 20:17 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [17/01/2010 20:17 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [17/01/2010 20:17 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [17/01/2010 20:17 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [17/01/2010 20:17 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [17/01/2010 20:17 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [17/01/2010 20:17 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [17/01/2010 20:17 109736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [17/01/2010 20:17 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [17/01/2010 20:17 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [17/01/2010 20:17 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [17/01/2010 20:17 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [17/01/2010 20:17 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [17/01/2010 20:17 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [17/01/2010 20:17 109736]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\DRIVERS\SMCWGU.sys --> c:\windows\system32\DRIVERS\SMCWGU.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{969B3B70-8765-11D5-9809-0050BACBF861}]
2009-03-08 02:32 128512 ------w- c:\windows\system32\advpack.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 02:32 128512 ------w- c:\windows\system32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'
.
2011-10-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-11-22 07:40]
.
2011-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2007-04-27 c:\windows\Tasks\FRU Task 2002-06-27 08:46ewlett-Packard2002-06-27 08:46p psc 2100 seriesF56855811176EC24C9B302F94878AD886AF77CFF166279442.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2002-06-27 00:46]
.
2011-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-06 08:34]
.
2011-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-06 08:34]
.
2003-09-18 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-09-18 14:07]
.
2011-10-16 c:\windows\Tasks\User_Feed_Synchronization-{F8A934ED-6459-4555-81B5-79034ED08CE5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr
mSearch Bar =
uInternet Settings,ProxyOverride = *.local
IE: Download with &Shareaza - c:\program files\Shareaza\RazaWebHook32.dll/3000
Trusted Zone: pomob.fr\www
Handler: hola - {626601A0-4BAE-11D1-A7E1-00A0246C1E64} - c:\program files\Liris Interactive\Le Petit Larousse\HURLPROT.DLL
Handler: holb - {626601A1-4BAE-11D1-A7E1-00A0246C1E64} - c:\program files\Liris Interactive\Le Petit Larousse\HURLPROT.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\JEAN-MICHEL\Application Data\Mozilla\Firefox\Profiles\qcpxmjuy.default\
/*FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}*/
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=7cc621c100000000000000e018edbc73&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - c:\program files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-WebCamRT.exe - (no file)
HKCU-Run-FreeRAM XP - c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
HKLM-Run-ustR39X - scpgae.exe
MSConfigStartUp-AdslTaskBar - stmctrl.dll
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-FreeRAM XP - c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
AddRemove-99e2hied - c:\windows\99e2hied.exe
AddRemove-AVS Video Editor 4_is1 - h:\avsvideoeditor\unins000.exe
AddRemove-Tux Paint_is1 - c:\documents and settings\CHRISTELE\Mes documents\Divers\TuxPaint\unins000.exe
AddRemove-Tweak-XP Pro 4 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-16 18:03
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\??????[????'??[???['??[???????????????[???[???[???[$??????[???????????????[???????????[???w????(????3?w???w?????3?w ??w???[:???????d???r??[1??[???[d??????[?-?[????z??w8h?[\2?[?1?[htinst.INI?[?u?[????d???????0G?
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(2896)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pa

Salut,

Je viens d'essayer de lancer CCleaner et MBAM.
Ils fonctionnent.
Je les ai refermé sans rien faire pour le moment.
Je crois que vous avez trouvé la solution.

Que dois je faire maintenant?

A+

Re,

Super, Combofix à fait son boulot. Le rapport n'est pas complet, peux-tu tout de même l'héberger, comme ZHPdiag ?

Sinon, commence MBAM en le mettant à jour et en branchant tes périphériques.

@+

Gabriel.

Salut

Voila le rapport Combo fix:

https://www.cjoint.com/?AJqsIwPFew8

Je lance MBAM.

A+

Merci :)

Bonne soirée,

Gabriel.

Salut,

Voici le rapport MBAM:


A+

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7959

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17/10/2011 19:27:07
mbam-log-2011-10-17 (19-27-07).txt

Type d'examen: Examen complet (C:\|D:\|G:\|H:\|)
Elément(s) analysé(s): 326137
Temps écoulé: 1 heure(s), 43 minute(s), 25 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Qoobox\quarantine\C\documents and settings\jean-michel\application data\drivers\winupgro.exe.vir (Spyware.Password) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\yourware solutions\freeram xp pro\freeram xp pro.exe.vir (Spyware.Password) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a0dbfad1-97e1-452c-ada7-fa38757c5ce7}\RP1592\A0212343.exe (Spyware.Password) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a0dbfad1-97e1-452c-ada7-fa38757c5ce7}\RP1592\A0213747.exe (Spyware.Password) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a0dbfad1-97e1-452c-ada7-fa38757c5ce7}\RP1592\A0213750.exe (Spyware.Password) -> Quarantined and deleted successfully.
d:\multimedia\SOURCES\cursormaniafwbinitialsetup1.0.0.8-2.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Ok :)

Refais moi un ZHPdiag ;)

@+

Gabriel.

Voila le lien vers le rapport ZHPDIAG:

https://www.cjoint.com/?AJrtQq8DAne

a+

Re,

Tu es sûr d'avoir prit le bon ?
Il n'est pas complet...

@+

Gabriel.

A priori oui.

Je refais un zhp Diag et je poste le rapport.

A+

Avant de me fournir le ZHPdiag en entier :

▶ Télécharge FindyKill sur ton bureau :

http://www.teamxscript.org/findykillTelechargement.html

! Déconnecte toi et ferme toutes applications en cours !

▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista/7) sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis l'option "F" pour français et tape sur Entrée>/gras>.

▶ Au second menu Choisis l'option "<gras>1" (Recherche)</itam> et tape sur Entrée>/gras>.

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

<ital>(Le rapport est sauvegardé aussi sous <gras>C:\FindyKill.txt)
(CTRL+A Pour tout selectionner, CTRL+C pour copier et CTRL+V pour coller)

@+

Gabriel.

Problème:

Lorsque je clique sur le lien que tu m'as donné, j'ai le message suivant:

"Not Found

The requested URL /findykillTelechargement.html was not found on this server."

Hier, lorsque j'avais démarré en mode sans échec j'ais réussi à téléchargé une version de Findy-kill "FindyKill-5.053.exe" que j'ai enregistré sur mon bureau.

Lorsque j'essaye de cliquer dessus, j'ai le message suivant:

"FindyKill-5.053.exe n'est pas une version Win32 valide"


a+

Essaye ici : https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

++

Gabriel.

Salut ,

Vola le rapport Findykill:


A+



############################## | FindyKill V5.053 |

# User : JEAN-MICHEL (Administrateurs) # NOM-LG33A71KV76
# Update on 23/10/2010 by El Desaparecido
# Start at: 20:44:59 | 17/10/2011
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# Intel(R) Pentium(R) 4 CPU 2.53GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : Sophos Anti-Virus [ (!) Disabled | (!) Outdated ]
# AV : Lavasoft Ad-Watch Live! Antivirus [ Enabled | Updated ]
# AV : avast! Antivirus 5.0.100664585 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 27,95 Go (855,23 Mo free) [VAIO] # NTFS
# D:\ # Disque fixe local # 46,58 Go (6,24 Go free) [VAIO] # NTFS
# E:\ # Disque amovible
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
# H:\ # Disque amovible # 14,91 Go (3,43 Go free) [OPTIMA] # FAT32
# I:\ # Disque fixe local # 465,76 Go (88,24 Go free) [PeekBox] # NTFS
# J:\ # Disque fixe local # 931,51 Go (819,38 Go free) [MEMUP 1TO] # NTFS

################## | Processus infectieux stoppés |


################## | Eléments infectieux |

[16/10/2011 17:58|d--h-----|0] C:\Documents and Settings\JEAN-MICHEL\Application Data\drivers

################## | Reference Bagle MD5 ... |


################## | MD5 ... |

[12/10/2011 20:53|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1587\A0204675.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 21:03|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0204818.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 21:03|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0205963.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 21:23|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0205984.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 21:45|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0206381.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 21:57|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0206888.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[12/10/2011 22:30|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0207056.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[13/10/2011 18:48|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0207126.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[14/10/2011 20:39|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1588\A0207492.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[14/10/2011 20:53|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1589\A0208074.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[14/10/2011 20:53|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1589\A0208615.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[14/10/2011 21:31|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1590\A0209108.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[15/10/2011 14:46|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1591\A0211390.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[16/10/2011 16:11|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1592\A0212741.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[16/10/2011 16:32|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1592\A0213147.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[16/10/2011 16:49|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1592\A0213261.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )
[16/10/2011 16:55|--a--c---|7168] C:\System Volume Information\_restore{A0DBFAD1-97E1-452C-ADA7-FA38757C5CE7}\RP1592\A0213820.sys ( CRC32 : f30c6949 | MD5 : 524d8d450622db4a7875b111c299a76b )

################## | Bagle Trace ... |

[ | | ]

################## | Crack .... |

[07/10/2006 11:58|--a------|36352] C:\Documents and Settings\JEAN-MICHEL\Mes documents\CLE USB\Keygen\keygen.exe
[07/10/2006 11:58|---------|36352] D:\Keygen\keygen.exe
[07/10/2006 11:58|--a------|36352] D:\OPTIMA SAUVE GARDE\Keygen\keygen.exe

################## | Registre |

[HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
[HKLM\SYSTEM\ControlSet001\Services\srosa]
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
[HKCR\ed2k]
[HKCU\Software\Local AppWizard-Generated Applications\winupgro]
[HKU\S-1-5-21-1876830721-547016971-2492748575-1005\Software\Local AppWizard-Generated Applications\winupgro]

################## | Etat |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio ( NDIS User Mode ) -> Start = 3 ( Good = 3 | Bad = 4 )

# EapHost ( Extensible Authentication Protocol Host ) -> Start = 3 ( Good = 2 | Bad = 4 )

# (!) Ip6Fw ( IPv6 Windows Firewall Driver ) -> Start = 4 ( Good = 2 | Bad = 4 )

# SharedAccess ( Windows Firewall - Internet Connection Sharing ) -> Start = 2 ( Good = 2 | Bad = 4 )

# wuauserv ( Windows Update ) -> Start = 2 ( Good = 2 | Bad = 4 )

# wscsvc ( Windows Security Center ) -> Start = 2 ( Good = 2 | Bad = 4 )


################## | ! Fin du rapport # FindyKill V5.053 ! |

Re,

▶ Déconnecte toi et ferme toutes application en cours (navigateur compris).

▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

▶ Relance FindyKill (clic droit "Éxécuter en tant qu'administrateur" pour Vista/7) : au menu principal choisis l'option "F" pour français et tape sur Entrée.

▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]

▶ Le pc va redémarrer automatiquement.

▶ le programme va travailler, ne touche à rien, ton bureau ne sera pas accessible c'est normal !

▶ Poste le rapport qui apparait à la fin (le rapport est sauvegardé aussi sous C:\FindyKill.txt).

▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr, Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide.

@+

Gabriel.

Salut cabrier :)

Chez moi, ton lien me donne une erreur 404, aurais-tu un autre lien ?

Merci ;)

Gabriel.