Hello win32bho-kd

Solved/Closed
cyrilsp37 (Member) - 23 Jan 2008 at 14:17
g!rly (Contributor) - 31 Jan 2008 at 18:59
Hello, I can't manage to remove this virus. Here is my HijackThis report; please give me a solution to remove this virus.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:56, on 23/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\System32\svchost.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\MSSQL7\binn\sqlagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\HotKeys\Ikeymain.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\dllcache\spoolms.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\thomson\wlancfg.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: (no name) - {61C2BD6D-8C4C-4C6B-BAFE-DAD1FDCA3357} - C:\WINDOWS\system32\avwa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /r /pkg "Office 2000 Server Extensions" /q
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\HotKeys\Ikeymain.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [spoolms] C:\WINDOWS\system32\dllcache\spoolms.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Gestionnaire de services SQL Server.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Raccourci vers wlancfg.lnk = C:\thomson\wlancfg.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.n9ws.com/webscanner/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cyrilsp37france.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1200137595375
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cyrilsp37.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE

37 replies

g!rly (Contributor) - 28 Jan 2008 at 16:36
Hi cyrilsp37,

That's better indeed.

Can you have this analyzed

C:\WINDOWS\system32\iebrowserc.dll

on this site and post the result you get:

https://www.virustotal.com/gui/

See you later

cyrilsp37 (Member) - 28 Jan 2008 at 17:14
Here is what you want; I did the analysis you asked for.

Antivirus Version Last update Result
AhnLab-V3 2008.1.26.10 2008.01.25 -
AntiVir 7.6.0.56 2008.01.27 -
Authentium 4.93.8 2008.01.26 -
Avast 4.7.1098.0 2008.01.27 -
AVG 7.5.0.516 2008.01.26 -
BitDefender 7.2 2008.01.27 -
CAT-QuickHeal 9.00 2008.01.25 -
ClamAV 0.91.2 2008.01.27 -
DrWeb 4.44.0.09170 2008.01.27 -
eSafe 7.0.15.0 2008.01.16 -
eTrust-Vet 31.3.5486 2008.01.26 -
Ewido 4.0 2008.01.27 -
FileAdvisor 1 2008.01.27 -
Fortinet 3.14.0.0 2008.01.27 -
F-Prot 4.4.2.54 2008.01.26 -
F-Secure 6.70.13260.0 2008.01.27 -
Ikarus T3.1.1.20 2008.01.27 -
Kaspersky 7.0.0.125 2008.01.27 -
McAfee 5216 2008.01.26 -
Microsoft 1.3109 2008.01.27 -
NOD32v2 2825 2008.01.27 -
Norman 5.80.02 2008.01.24 -
Panda 9.0.0.4 2008.01.27 Suspicious file
Prevx1 V2 2008.01.27 -
Rising 20.28.62.00 2008.01.27 -
Sophos 4.25.0 2008.01.27 -
Sunbelt 2.2.907.0 2008.01.25 -
Symantec 10 2008.01.27 -
TheHacker 6.2.9.200 2008.01.27 -
VBA32 3.12.2.5 2008.01.21 -
VirusBuster 4.3.26:9 2008.01.27 -
Webwasher-Gateway 6.6.2 2008.01.27 -
Additional information
File size: 294912 bytes
MD5: 7a336b763edca17dc99da698d92816b3
SHA1: c690b35c40850ee86351c7558720c29ac5973cdc
PEiD: -

g!rly (Contributor) - 28 Jan 2008 at 17:18
Hi again,

Can you have it analyzed again here, please:

http://virusscan.jotti.org/de/

See you later

cyrilsp37 (Member) - 30 Jan 2008 at 13:25
Jottis Malwarescan 2.99-TRANSITION_TO_3.00-R1

Datei, die hochgeladen und gescannt werden soll:
Dienst
Datei: iebrowserc.dll_
Auslastung: 0% 100%

Status: ERGEBNISLOS (scan dauert an)
Entdeckte Packprogramme: Bitte warten...
Bit9 rapportiert: File not found

A-Squared Scanning, bitte warten...
AntiVir Scanning, bitte warten...
ArcaVir Scanning, bitte warten...
Avast Scanning, bitte warten...
AVG Antivirus Scanning, bitte warten...
BitDefender Scanning, bitte warten...
ClamAV Scanning, bitte warten...
CPsecure Scanning, bitte warten...
Dr.Web Scanning, bitte warten...
F-Prot Antivirus Scanning, bitte warten...
F-Secure Anti-Virus Scanning, bitte warten...
Fortinet Scanning, bitte warten...
Ikarus Scanning, bitte warten...
Kaspersky Anti-Virus Scanning, bitte warten...
NOD32 Scanning, bitte warten...
Norman Virus Control Scanning, bitte warten...
Panda Antivirus Scanning, bitte warten...
Rising Antivirus Scanning, bitte warten...
Sophos Antivirus Scanning, bitte warten...
VirusBuster Scanning, bitte warten...
VBA32 Scanning, bitte warten...


Powered by

Disclaimer
By uploading files to this server, you agree that your files will be stored locally.

Furthermore: this service is by no means one hundred percent secure. If the scanner reports 'OK', that does not necessarily mean the file is clean. A completely new virus could be on the loose! Never rely on a single product alone, not even on this service, although it uses several products. I am therefore not responsible for damage caused by this non-commercial online service, nor can I be held responsible for it.

I am also aware of the consequences of a facility like this one. I am sure that this whole affair is by no means scientifically correct, since this is a fully automatic service (although manual correction is possible). I am aware, for example, that "false positives" (a false alarm in which a clean file is mistakenly detected as a virus) could occur, despite the efforts to counter them proactively. I do not consider this a big deal, so please do not send me emails about such occurrences. This is a simple online scanner, and not the University of Magdeburg.

The virus signatures are updated every hour. The file size limit is 10 MB per file.
MISUSE OF THIS SERVICE (INCLUDING UPLOADING DELIBERATELY MODIFIED -PACKED/ENCRYPTED/BYTESWAPPED- VERSIONS OF THE SAME FILE) WILL RESULT IN YOUR IP BEING BLOCKED.

Please do not request any of these viruses unless you work for a vendor of anti-virus software. Viruses are not for trading.

Scanning can take a while, since several scanners are used. In addition, some scanners use a very high heuristic level (which is time-consuming). The scanners used are Linux versions, and there may (or may not) be differences from Windows scanners. One more note: some scanners detect only one virus when archives containing several malware files are scanned.

Sponsored by HotelScraper.com.
--------------------------------------------------------------------------------

Statistics
The most recently found malware was sample491.EXE, detected by:

Scanner Malware name
A-Squared X
AntiVir X
ArcaVir Dialer.Webdialer
Avast Win32:Dialer-1134
AVG Antivirus Dialer.GSK
BitDefender X
ClamAV X
CPsecure X
Dr.Web Dialer.Consulinfo
F-Prot Antivirus X
F-Secure Anti-Virus not-a-virus:Porn-Dialer.Win32.WebDialer (5, 1, 500)
Fortinet X
Ikarus not-a-virus:Porn-Dialer.Win32.WebDialer
Kaspersky Anti-Virus not-a-virus:Porn-Dialer.Win32.WebDialer
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 Porn-Dialer.Win32.WebDialer


You are free to (mis)interpret these automatically generated, invalid statistics. For comparative tests of anti-virus software, visit AV comparatives.

Frequently asked questions (FAQ) - Feedback/comments/questions/false positives (in English only, please)

© Jordi Bosveld 2004-2007

German translation by

g!rly (Contributor) - 30 Jan 2008 at 13:34
Hi cyrilsp37,

The reports show that the file was not scanned, but after some research on my side, we are going to delete this file...

Using HijackThis, check and fix this line:

O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll

Download Pocket KillBox to your desktop.
http://www.downloads.subratam.org/KillBox.exe

-> Double-click the Killbox.exe file and tick the "Delete on reboot" box.

Copy the line below:

C:\WINDOWS\system32\iebrowserc.dll

-> In Pocket KillBox --> "File" menu --> "Paste from Clipboard"

You can check in the drop-down menu that the file is indeed there.
- tick the "Unregister dll before deleting" box (if you are able to)
- click the "All files" button
- then click the red cross

Answer "YES" to the two messages that will appear.
The computer should restart; if it doesn't, restart it yourself, whatever happens.

After the restart, launch Killbox again, then click the "File" tab -> Log -> Actions History Log
Post the report here.

See you later
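
The O2 (Browser Helper Object) lines that the helper reads by eye in these reports can also be extracted and compared between two scans. The following is an added example, not part of the original thread and not HijackThis code: the function names (`parse_bhos`, `triage`, `diff_bhos`) and the three triage rules are assumptions made for illustration, and the sample lines are copied from the two HijackThis logs posted in this thread.

```python
import re
from ntpath import dirname, normcase

# Layout of an O2 line in the logs posted in this thread:
#   O2 - BHO: <name> - {CLSID} - <DLL path, or "(no file)">
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.*)$"
)

SYSTEM32 = normcase(r"C:\WINDOWS\system32")

# Triage reasons (assumed heuristics for this example: leads, not verdicts).
NO_NAME = "no display name"
NO_FILE = "registered DLL is absent"
IN_SYSTEM32 = "DLL sits directly in system32"

# O2 lines from the log of 23/01/2008, plus one O4 line to show it is ignored.
BEFORE_LOG = r"""
O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: (no name) - {61C2BD6D-8C4C-4C6B-BAFE-DAD1FDCA3357} - C:\WINDOWS\system32\avwa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
"""

# O2 lines from the log of 31/01/2008.
AFTER_LOG = r"""
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: DbarBHO - {CC11617C-259E-429c-9063-7D70B8355EBD} - C:\Program Files\dbar\Deskbar.dll
"""


def parse_bhos(log_text):
    """Return {CLSID in upper case: (name, path)} for every O2 line."""
    bhos = {}
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            bhos[m["clsid"].upper()] = (m["name"], m["path"].strip())
    return bhos


def triage(name, path):
    """List the reasons an entry deserves a closer look (may be empty)."""
    reasons = []
    if name == "(no name)":
        reasons.append(NO_NAME)
    if path == "(no file)" or path.endswith("(file missing)"):
        reasons.append(NO_FILE)
    elif normcase(dirname(path)) == SYSTEM32:
        reasons.append(IN_SYSTEM32)
    return reasons


def diff_bhos(before, after):
    """Return (removed, added) CLSIDs between two parsed logs."""
    removed = sorted(set(before) - set(after))
    added = sorted(set(after) - set(before))
    return removed, added


if __name__ == "__main__":
    before, after = parse_bhos(BEFORE_LOG), parse_bhos(AFTER_LOG)
    for label, bhos in (("23/01/2008", before), ("31/01/2008", after)):
        print(f"Log of {label}")
        for clsid, (name, path) in bhos.items():
            reasons = triage(name, path)
            if reasons:
                print(f"  {clsid} {path}: {', '.join(reasons)}")
    removed, added = diff_bhos(before, after)
    print("Gone since the first log:", *removed, sep="\n  ")
    print("New since the first log:", *added, sep="\n  ")
```

The "(no name)" rule also flags SDHelper.dll under the Spybot program folder in the second log, which is why the output is a list of entries to look up, not a list of entries to delete.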

cyrilsp37 (Member) - 30 Jan 2008 at 21:15
Here is the report

Pocket Killbox version 2.0.0.648
Running on Windows XP as picatchou(Administrator)
was started @ mercredi, janvier 30, 2008, 9:05 PM

Killbox Closed(Exit) @ 9:05:53 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as picatchou(Administrator)
was started @ mercredi, janvier 30, 2008, 9:06 PM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\system32\iebrowserc.dll


I Rebooted @ 9:08:16 PM
Killbox Closed(Exit) @ 9:08:30 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as picatchou(Administrator)
was started @ mercredi, janvier 30, 2008, 9:13 PM

g!rly (Contributor) - 30 Jan 2008 at 22:21
Hi again,

Can you post a new HijackThis log?

See you later

cyrilsp37 (Member) - 31 Jan 2008 at 15:47
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:47:05, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\MSSQL7\binn\sqlagent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\HotKeys\Ikeymain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\thomson\wlancfg.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: DbarBHO - {CC11617C-259E-429c-9063-7D70B8355EBD} - C:\Program Files\dbar\Deskbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /r /pkg "Office 2000 Server Extensions" /q
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\HotKeys\Ikeymain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [dbar_starter] C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Gestionnaire de services SQL Server.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Raccourci vers wlancfg.lnk = C:\thomson\wlancfg.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.n9ws.com/webscanner/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cyrilsp37france.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1200137595375
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cyrilsp37.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
g!rly Posts: 18209 Registration date: Friday 17 August 2007 Status: Contributor Last activity: 30 November 2014 406
31 Jan 2008 at 16:11
Hi cyrilsp37,

OK, we removed the other one, but now there's something new...

Can you run ComboFix again, please?

See you later
cyrilsp37 Posts: 32 Registration date: Wednesday 23 January 2008 Status: Member Last activity: 16 December 2019
31 Jan 2008 at 16:41
ComboFix 08-01-31.5 - picatchou 2008-01-31 16:34:19.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.548 [GMT 1:00]
Endroit: C:\Documents and Settings\picatchou\Local Settings\Temporary Internet Files\Content.IE5\RMIQX10F\ComboFix[1].exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\Angelique\new.txt
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\an.gelique@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\an.gelique@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cyrilsp37@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cyrilsp37@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\va.l.erie@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\va.l.erie@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]002015B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\WebMediaPlayer.url
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\adssite_sidebar.dll
C:\WINDOWS\system32\avwa.dll
C:\WINDOWS\system32\befcdrupto.dat
C:\WINDOWS\system32\befcdrupto_nav.dat
C:\WINDOWS\system32\befcdrupto_navps.dat
C:\WINDOWS\system32\dllcache\spoolms.exe
C:\WINDOWS\system32\drivers\rmbelszq.dat
C:\WINDOWS\system32\neksbixfmb.dat
C:\WINDOWS\system32\neksbixfmb_nav.dat
C:\WINDOWS\system32\neksbixfmb_navps.dat
C:\WINDOWS\Tasks\Norton Security Scan.job
C:\WINDOWS\Tasks\Symantec NetDetect.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_IPRIP
-------\Iprip




-------\LEGACY_TTYXPZSJ
-------\ttyxpzsj




((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-31 ))))))))))))))))))))))))))))))))))))
.

2008-01-30 19:55 . 2008-01-31 15:25 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OpenOffice.org2
2008-01-30 19:30 . 2008-01-30 20:03 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Vso
2008-01-30 19:29 . 2008-01-30 19:29 <REP> d-------- C:\Program Files\VSO
2008-01-30 19:29 . 2008-01-30 19:29 3,982,776 --a------ C:\Program Files\vso_image_resizer_setup.exe
2008-01-30 18:28 . 2008-01-30 18:29 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2008-01-30 18:28 . 2008-01-30 18:28 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-01-30 12:55 . 2008-01-30 12:55 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Creative
2008-01-29 22:01 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-29 22:00 . 2008-01-29 22:00 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-28 10:19 . 2008-01-28 10:19 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}
2008-01-28 10:18 . 2008-01-28 10:19 <REP> d-------- C:\Program Files\dbar
2008-01-28 09:55 . 2008-01-28 10:25 <REP> d-------- C:\Program Files\winvi
2008-01-25 14:24 . 2008-01-25 14:24 46,300 --a------ C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
2008-01-24 18:05 . 2008-01-24 18:09 <REP> d-------- C:\Program Files\telechargement cyril
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Program Files\Avira
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-01-23 18:45 . 2008-01-23 18:45 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-23 14:52 . 2008-01-23 17:44 <REP> d-------- C:\ComboFix
2008-01-23 14:25 . 2008-01-23 14:28 <REP> d-------- C:\Program Files\Navilog1
2008-01-23 12:53 . 2008-01-23 12:53 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-23 12:35 . 2008-01-23 12:35 <REP> d-------- C:\Program Files\Trend Micro
2008-01-23 12:26 . 2008-01-23 20:50 2,648 --a------ C:\WINDOWS\sql70.MIF
2008-01-22 20:41 . 2008-01-22 20:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d---s---- C:\WINDOWS\system32\%SystemDrive%
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d-------- C:\WINDOWS\Google Toolbar
2008-01-18 18:33 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Norton Security Scan
2008-01-18 18:29 . 2008-01-18 18:29 867,560 --a------ C:\Program Files\Google Updater.exe
2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\ScanSoft
2008-01-12 21:04 . 2008-01-30 18:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 21:04 . 2008-01-12 21:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-12 20:02 . 2008-01-12 20:02 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Leadertech
2008-01-12 09:11 . 2008-01-12 09:14 19,004,560 --a------ C:\Program Files\setupfre.exe
2008-01-12 08:59 . 2008-01-12 08:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-10 17:31 . 2008-01-10 17:31 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\SPAMfighter
2008-01-09 12:18 . 2008-01-09 12:18 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-09 12:18 . 2008-01-09 12:18 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-01-09 12:18 . 2008-01-09 12:18 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-01-09 12:18 . 2008-01-09 12:18 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-01-09 12:16 . 2008-01-09 12:16 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-01-09 12:16 . 2008-01-09 12:16 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2008-01-09 12:16 . 2008-01-09 12:16 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-01-09 12:16 . 2008-01-09 12:16 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-01-09 12:15 . 2008-01-09 12:15 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-01-06 21:25 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Macrogaming
2008-01-06 10:04 . 2008-01-06 10:04 <REP> d-------- C:\Documents and Settings\cyril\Mes documents
2008-01-05 18:23 . 2008-01-05 18:23 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Leadertech
2008-01-04 18:13 . 2008-01-04 18:13 <REP> dr------- C:\Documents and Settings\picatchou\Application Data\Brother
2008-01-04 16:16 . 2008-01-04 16:16 <REP> d-------- C:\Program Files\SAGEM
2008-01-03 21:17 . 2008-01-04 16:17 21 --a------ C:\WINDOWS\kit.ini
2008-01-03 20:46 . 2008-01-03 20:46 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\DivX
2008-01-03 19:42 . 2008-01-03 19:43 7,020,185 --a------ C:\Program Files\Gestionnaire_internetLB.exe
2008-01-03 19:13 . 2008-01-03 19:13 535,512 --a------ C:\Program Files\pllangs.exe
2008-01-03 19:11 . 2008-01-03 19:11 2,855,080 --a------ C:\Program Files\ad-aware-se-personal_ad-aware_se_personal_1.6_anglais_12797.exe
2008-01-03 18:45 . 2008-01-03 18:45 407,680 --a------ C:\Program Files\aswclnr.exe
2008-01-03 18:34 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Lavasoft
2008-01-03 18:28 . 2008-01-03 18:24 18,164,640 --a------ C:\Program Files\aaw2007.exe
2008-01-03 18:28 . 2008-01-03 18:23 2,724,328 --a------ C:\Program Files\ccsetup203.exe
2008-01-02 18:29 . 2008-01-02 18:29 <REP> d-------- C:\Documents and Settings\picatchou\WINDOWS
2008-01-02 18:16 . 2008-01-02 18:44 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OfficeUpdate12
2008-01-01 17:32 . 2008-01-01 17:32 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Apple Computer
2008-01-01 17:15 . 2008-01-01 17:15 <REP> d--hs---- C:\Documents and Settings\picatchou\UserData
2008-01-01 16:00 . 2008-01-05 18:37 <REP> d-------- C:\Documents and Settings\picatchou\Contacts
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Windows Desktop Search
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Voxmobili
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Teleca
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Sony Ericsson
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Nikon
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage réseau
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage d'impression
2008-01-01 15:08 . 2005-09-16 21:02 <REP> d--h----- C:\Documents and Settings\picatchou\Modèles
2008-01-01 15:08 . 2008-01-23 13:59 <REP> dr------- C:\Documents and Settings\picatchou\Mes documents
2008-01-01 15:08 . 2005-09-16 21:57 <REP> dr------- C:\Documents and Settings\picatchou\Menu Démarrer
2008-01-01 15:08 . 2008-01-31 15:40 <REP> dr------- C:\Documents and Settings\picatchou\Favoris
2008-01-01 15:08 . 2008-01-30 21:05 <REP> d-------- C:\Documents and Settings\picatchou\Bureau
2008-01-01 13:04 . 2008-01-01 13:04 <REP> d-------- C:\Program Files\Browser Mouse
2007-12-31 20:04 . 1999-01-05 11:57 32,060 --a------ C:\WINDOWS\system32\cliconf.hlp
2007-12-31 20:03 . 2008-01-23 20:50 <REP> d-------- C:\MSSQL7
2007-12-31 20:03 . 2008-01-02 18:45 899 --------- C:\WINDOWS\setup~0.iss
2007-12-31 19:19 . 2007-12-31 19:22 16,840,120 --a------ C:\Program Files\IE7Setup_G_FR.exe
2007-12-31 18:23 . 2007-12-31 18:23 244 --ah----- C:\sqmnoopt01.sqm
2007-12-31 18:23 . 2007-12-31 18:23 232 --ah----- C:\sqmdata01.sqm
2007-12-31 17:52 . 2007-12-31 17:52 244 --ah----- C:\sqmnoopt00.sqm
2007-12-31 17:52 . 2007-12-31 17:52 232 --ah----- C:\sqmdata00.sqm
2007-12-27 20:44 . 2008-01-24 18:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-22 15:03 . 2007-12-22 15:03 <REP> d-------- C:\Program Files\Aquapep2
2007-12-15 18:30 . 2007-12-22 15:16 <REP> d-------- C:\Program Files\AkvaarioGes
2007-12-14 11:32 . 2007-12-14 11:32 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2007-12-11 20:44 . 2007-12-11 20:44 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 20:44 . 2007-12-11 20:44 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2007-12-11 20:44 . 2007-12-11 20:44 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-12-11 20:44 . 2007-12-11 20:44 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 20:44 . 2007-12-11 20:44 57,344 --a------ C:\WINDOWS\system32\dpv11.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-31 09:54 --------- d-----w C:\Documents and Settings\Angelique\Application Data\OpenOffice.org2
2008-01-29 21:02 --------- d-----w C:\Program Files\Lavasoft
2008-01-24 18:06 --------- d-----w C:\Program Files\eMule
2008-01-22 16:54 --------- d-----w C:\Program Files\DivX
2008-01-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 19:33 --------- d-----w C:\Program Files\Google
2008-01-10 16:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-09 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 15:17 --------- d-----w C:\Program Files\Wanadoo
2008-01-04 15:16 90 ----a-w C:\Program Files\Setup.log
2008-01-03 17:57 5,720 ----a-w C:\Program Files\aswclnr.log
2008-01-03 17:45 672,256 ----a-w C:\Program Files\aswclnr.tmp
2007-12-27 19:37 --------- d-----w C:\Program Files\JPEG Compression
2007-12-27 16:27 --------- d-----w C:\Documents and Settings\Angelique\Application Data\ScanSoft
2007-12-22 13:56 --------- d-----w C:\Program Files\MSN Messenger
2007-12-22 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-03 07:55 --------- d-----w C:\Program Files\MSN Pictures Displayer
2007-11-30 18:43 79,868 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-11-28 17:16 --------- d-----w C:\Program Files\Fichiers communs\SansenDommagement
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 08:55 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll
2007-10-11 08:55 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe
2007-10-11 08:55 11,776 ----a-w C:\WINDOWS\system32\icardres.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-09 12:03 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2007-10-09 12:03 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll
2007-10-09 12:03 493,080 ----a-w C:\WINDOWS\system32\evr.dll
2007-10-09 12:03 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2007-10-09 12:03 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2007-10-09 12:03 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
2007-10-09 12:03 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2007-10-09 12:03 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll
2007-10-09 11:58 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe
2007-10-05 16:44 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-08-17 07:56 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-11-30 15:34 57,115,310 ----a-w C:\Program Files\openofficeorg3.cab
2006-11-30 15:34 3,293,189 ----a-w C:\Program Files\openofficeorg4.cab
2006-11-30 15:25 15,519,277 ----a-w C:\Program Files\openofficeorg2.cab
2006-11-30 15:22 18,447,022 ----a-w C:\Program Files\openofficeorg1.cab
2006-11-30 15:17 5,298,688 ----a-w C:\Program Files\openofficeorg21.msi
2006-11-30 15:17 217 ----a-w C:\Program Files\setup.ini
2006-11-13 16:31 315,392 ----a-w C:\Program Files\setup.exe
2006-11-01 20:06 7,022,328 ----a-w C:\Program Files\logicielphotoOrangeFR.exe
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC11617C-259E-429c-9063-7D70B8355EBD}]
2007-11-14 14:36 1486848 --a------ C:\Program Files\dbar\Deskbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 16:41 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 19:01 49152]
"nwiz"="nwiz.exe" [2003-07-28 14:19 323584 C:\WINDOWS\system32\nwiz.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2005-10-27 11:00 299008]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 577536 C:\WINDOWS\soundman.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-09 17:48 155648]
"OWS Setup CmdLine"="C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" [2004-08-20 00:09 188480]
"LWBMOUSE"="C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" [2001-03-26 05:35 429568]
"iKeyWorks"="C:\PROGRA~1\HotKeys\Ikeymain.exe" [2001-09-12 08:44 49152]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-23 19:01 249896]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"dbar_starter"="C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

C:\Documents and Settings\Angelique\Menu Démarrer\Programmes\Démarrage\
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2007-05-27 18:28:12 4571136]
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\picatchou\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Contrôleur d'état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-01-15 14:23:08 802816]
Gestionnaire de services SQL Server.lnk - C:\MSSQL7\Binn\sqlmangr.exe [2007-12-31 20:04:19 110592]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-05-14 12:05:16 684032]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 09:15:56 65588]
NkvMon.exe.lnk - C:\Program Files\Nikon\NkView5\NkvMon.exe [2005-09-17 16:03:33 233472]
Raccourci vers wlancfg.lnk - C:\thomson\wlancfg.exe [2007-08-17 10:40:30 1466368]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2002-07-01 15:10]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2psvc;Réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-03-01 18:37]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 16:39:16
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-01-31 16:41:01
ComboFix-quarantined-files.txt 2008-01-31 15:40:53
.
2008-01-18 11:14:16 --- E O F ---
g!rly Posts: 18209 Registration date: Friday 17 August 2007 Status: Contributor Last activity: 30 November 2014 406
31 Jan 2008 at 16:55
Hi again,

Using HijackThis, check and fix this line:

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

Don't install any more search toolbars; most of them are infectious...

Copy the text below:

File::
C:\WINDOWS\system32\AdssiteSocial-uninstall.exe

Folder::
C:\Program Files\dbar
C:\Program Files\Navilog1

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC11617C-259E-429c-9063-7D70B8355EBD}]

Open Notepad and paste the copied text.
(Démarrer\Tous les programmes\Accessoires\Bloc-notes, i.e. Start\All Programs\Accessories\Notepad.)
Save this file as CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

This will restart ComboFix.


A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Don't touch anything until the scan has finished.

After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.

If there is no reboot, post the reports anyway.

See you later
cyrilsp37 Posts: 32 Registration date: Wednesday 23 January 2008 Status: Member Last activity: 16 December 2019
31 Jan 2008 at 17:35
ComboFix 08-01-31.5 - picatchou 2008-01-31 17:28:03.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.520 [GMT 1:00]
Endroit: C:\Documents and Settings\picatchou\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\picatchou\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE
C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\dbar
C:\Program Files\dbar\basis.xml
C:\Program Files\dbar\channel.tmpl
C:\Program Files\dbar\content.tmpl
C:\Program Files\dbar\date.tmpl
C:\Program Files\dbar\dbaruninst.exe
C:\Program Files\dbar\deskbar.crc
C:\Program Files\dbar\deskbar.dll
C:\Program Files\dbar\deskbar.inf
C:\Program Files\dbar\edit_rss.tmpl
C:\Program Files\dbar\logo.bmp
C:\Program Files\dbar\mbback.bmp
C:\Program Files\dbar\mbbigopen.bmp
C:\Program Files\dbar\mbclose.bmp
C:\Program Files\dbar\mbfwd.bmp
C:\Program Files\dbar\mblogo.bmp
C:\Program Files\dbar\mbsep.bmp
C:\Program Files\dbar\nav1.bmp
C:\Program Files\dbar\nav2.bmp
C:\Program Files\dbar\new_alert.tmpl
C:\Program Files\dbar\version.txt
C:\Program Files\Navilog1
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Navilog1\fsblb.txt
C:\Program Files\Navilog1\GetPaths.exe
C:\Program Files\Navilog1\gnc.exe
C:\Program Files\Navilog1\navilog1.bat
C:\Program Files\Navilog1\oem2ansi.exe
C:\Program Files\Navilog1\Process.exe
C:\Program Files\Navilog1\reboot.exe
C:\Program Files\Navilog1\reg.exe
C:\Program Files\Navilog1\regnavi.reg
C:\Program Files\Navilog1\traite.bat
C:\Program Files\Navilog1\traite2.bat
C:\Program Files\Navilog1\traitement.vbs
C:\Program Files\Navilog1\unins000.dat
C:\Program Files\Navilog1\unins000.exe
C:\WINDOWS\system32\AdssiteSocial-uninstall.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-31 ))))))))))))))))))))))))))))))))))))
.

2008-01-31 16:52 . 2008-01-31 16:52 <REP> d-------- C:\WINDOWS\LastGood
2008-01-31 16:46 . 2008-01-31 16:46 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\ArcSoft
2008-01-30 19:55 . 2008-01-31 15:25 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OpenOffice.org2
2008-01-30 19:30 . 2008-01-30 20:03 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Vso
2008-01-30 19:29 . 2008-01-30 19:29 <REP> d-------- C:\Program Files\VSO
2008-01-30 19:29 . 2008-01-30 19:29 3,982,776 --a------ C:\Program Files\vso_image_resizer_setup.exe
2008-01-30 18:28 . 2008-01-30 18:29 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2008-01-30 18:28 . 2008-01-30 18:28 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-01-30 12:55 . 2008-01-30 12:55 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Creative
2008-01-29 22:01 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-29 22:00 . 2008-01-29 22:00 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-28 10:19 . 2008-01-28 10:19 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}
2008-01-28 09:55 . 2008-01-28 10:25 <REP> d-------- C:\Program Files\winvi
2008-01-24 18:05 . 2008-01-24 18:09 <REP> d-------- C:\Program Files\telechargement cyril
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Program Files\Avira
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-01-23 18:45 . 2008-01-23 18:45 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-23 12:53 . 2008-01-23 12:53 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-23 12:35 . 2008-01-23 12:35 <REP> d-------- C:\Program Files\Trend Micro
2008-01-23 12:26 . 2008-01-23 20:50 2,648 --a------ C:\WINDOWS\sql70.MIF
2008-01-22 20:41 . 2008-01-22 20:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d---s---- C:\WINDOWS\system32\%SystemDrive%
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d-------- C:\WINDOWS\Google Toolbar
2008-01-18 18:33 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Norton Security Scan
2008-01-18 18:29 . 2008-01-18 18:29 867,560 --a------ C:\Program Files\Google Updater.exe
2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\ScanSoft
2008-01-12 21:04 . 2008-01-30 18:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 21:04 . 2008-01-12 21:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-12 20:02 . 2008-01-12 20:02 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Leadertech
2008-01-12 09:11 . 2008-01-12 09:14 19,004,560 --a------ C:\Program Files\setupfre.exe
2008-01-12 08:59 . 2008-01-12 08:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-10 17:31 . 2008-01-10 17:31 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\SPAMfighter
2008-01-09 12:18 . 2008-01-09 12:18 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-09 12:18 . 2008-01-09 12:18 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-01-09 12:18 . 2008-01-09 12:18 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-01-09 12:18 . 2008-01-09 12:18 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-01-09 12:16 . 2008-01-09 12:16 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-01-09 12:16 . 2008-01-09 12:16 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2008-01-09 12:16 . 2008-01-09 12:16 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-01-09 12:16 . 2008-01-09 12:16 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-01-09 12:15 . 2008-01-09 12:15 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-01-06 21:25 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Macrogaming
2008-01-06 10:04 . 2008-01-06 10:04 <REP> d-------- C:\Documents and Settings\cyril\Mes documents
2008-01-05 18:23 . 2008-01-05 18:23 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Leadertech
2008-01-04 18:13 . 2008-01-04 18:13 <REP> dr------- C:\Documents and Settings\picatchou\Application Data\Brother
2008-01-04 16:16 . 2008-01-04 16:16 <REP> d-------- C:\Program Files\SAGEM
2008-01-03 21:17 . 2008-01-04 16:17 21 --a------ C:\WINDOWS\kit.ini
2008-01-03 20:46 . 2008-01-03 20:46 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\DivX
2008-01-03 19:42 . 2008-01-03 19:43 7,020,185 --a------ C:\Program Files\Gestionnaire_internetLB.exe
2008-01-03 19:13 . 2008-01-03 19:13 535,512 --a------ C:\Program Files\pllangs.exe
2008-01-03 19:11 . 2008-01-03 19:11 2,855,080 --a------ C:\Program Files\ad-aware-se-personal_ad-aware_se_personal_1.6_anglais_12797.exe
2008-01-03 18:45 . 2008-01-03 18:45 407,680 --a------ C:\Program Files\aswclnr.exe
2008-01-03 18:34 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Lavasoft
2008-01-03 18:28 . 2008-01-03 18:24 18,164,640 --a------ C:\Program Files\aaw2007.exe
2008-01-03 18:28 . 2008-01-03 18:23 2,724,328 --a------ C:\Program Files\ccsetup203.exe
2008-01-02 18:29 . 2008-01-02 18:29 <REP> d-------- C:\Documents and Settings\picatchou\WINDOWS
2008-01-02 18:16 . 2008-01-02 18:44 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OfficeUpdate12
2008-01-01 17:32 . 2008-01-01 17:32 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Apple Computer
2008-01-01 17:15 . 2008-01-01 17:15 <REP> d--hs---- C:\Documents and Settings\picatchou\UserData
2008-01-01 16:00 . 2008-01-05 18:37 <REP> d-------- C:\Documents and Settings\picatchou\Contacts
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Windows Desktop Search
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Voxmobili
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Teleca
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Sony Ericsson
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Nikon
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage réseau
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage d'impression
2008-01-01 15:08 . 2005-09-16 21:02 <REP> d--h----- C:\Documents and Settings\picatchou\Modèles
2008-01-01 15:08 . 2008-01-23 13:59 <REP> dr------- C:\Documents and Settings\picatchou\Mes documents
2008-01-01 15:08 . 2005-09-16 21:57 <REP> dr------- C:\Documents and Settings\picatchou\Menu Démarrer
2008-01-01 15:08 . 2008-01-31 15:40 <REP> dr------- C:\Documents and Settings\picatchou\Favoris
2008-01-01 15:08 . 2008-01-31 17:27 <REP> d-------- C:\Documents and Settings\picatchou\Bureau
2008-01-01 13:04 . 2008-01-01 13:04 <REP> d-------- C:\Program Files\Browser Mouse
2007-12-31 20:04 . 1999-01-05 11:57 32,060 --a------ C:\WINDOWS\system32\cliconf.hlp
2007-12-31 20:03 . 2008-01-23 20:50 <REP> d-------- C:\MSSQL7
2007-12-31 20:03 . 2008-01-02 18:45 899 --------- C:\WINDOWS\setup~0.iss
2007-12-31 19:19 . 2007-12-31 19:22 16,840,120 --a------ C:\Program Files\IE7Setup_G_FR.exe
2007-12-31 18:23 . 2007-12-31 18:23 244 --ah----- C:\sqmnoopt01.sqm
2007-12-31 18:23 . 2007-12-31 18:23 232 --ah----- C:\sqmdata01.sqm
2007-12-31 17:52 . 2007-12-31 17:52 244 --ah----- C:\sqmnoopt00.sqm
2007-12-31 17:52 . 2007-12-31 17:52 232 --ah----- C:\sqmdata00.sqm
2007-12-27 20:44 . 2008-01-24 18:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-22 15:03 . 2007-12-22 15:03 <REP> d-------- C:\Program Files\Aquapep2
2007-12-15 18:30 . 2007-12-22 15:16 <REP> d-------- C:\Program Files\AkvaarioGes
2007-12-14 11:32 . 2007-12-14 11:32 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2007-12-11 20:44 . 2007-12-11 20:44 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 20:44 . 2007-12-11 20:44 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2007-12-11 20:44 . 2007-12-11 20:44 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-12-11 20:44 . 2007-12-11 20:44 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 20:44 . 2007-12-11 20:44 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-12-11 20:44 . 2007-12-11 20:44 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 20:43 . 2007-12-11 20:43 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-31 09:54 --------- d-----w C:\Documents and Settings\Angelique\Application Data\OpenOffice.org2
2008-01-29 21:02 --------- d-----w C:\Program Files\Lavasoft
2008-01-24 18:06 --------- d-----w C:\Program Files\eMule
2008-01-22 16:54 --------- d-----w C:\Program Files\DivX
2008-01-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 19:33 --------- d-----w C:\Program Files\Google
2008-01-10 16:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-09 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 15:17 --------- d-----w C:\Program Files\Wanadoo
2008-01-04 15:16 90 ----a-w C:\Program Files\Setup.log
2008-01-03 17:57 5,720 ----a-w C:\Program Files\aswclnr.log
2008-01-03 17:45 672,256 ----a-w C:\Program Files\aswclnr.tmp
2007-12-27 19:37 --------- d-----w C:\Program Files\JPEG Compression
2007-12-27 16:27 --------- d-----w C:\Documents and Settings\Angelique\Application Data\ScanSoft
2007-12-22 13:56 --------- d-----w C:\Program Files\MSN Messenger
2007-12-22 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-03 07:55 --------- d-----w C:\Program Files\MSN Pictures Displayer
2007-11-30 18:43 79,868 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-11-28 17:16 --------- d-----w C:\Program Files\Fichiers communs\SansenDommagement
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 08:55 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll
2007-10-11 08:55 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe
2007-10-11 08:55 11,776 ----a-w C:\WINDOWS\system32\icardres.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-09 12:03 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2007-10-09 12:03 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll
2007-10-09 12:03 493,080 ----a-w C:\WINDOWS\system32\evr.dll
2007-10-09 12:03 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2007-10-09 12:03 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2007-10-09 12:03 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
2007-10-09 12:03 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2007-10-09 12:03 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll
2007-10-09 11:58 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe
2007-10-05 16:44 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-08-17 07:56 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-11-30 15:34 57,115,310 ----a-w C:\Program Files\openofficeorg3.cab
2006-11-30 15:34 3,293,189 ----a-w C:\Program Files\openofficeorg4.cab
2006-11-30 15:25 15,519,277 ----a-w C:\Program Files\openofficeorg2.cab
2006-11-30 15:22 18,447,022 ----a-w C:\Program Files\openofficeorg1.cab
2006-11-30 15:17 5,298,688 ----a-w C:\Program Files\openofficeorg21.msi
2006-11-30 15:17 217 ----a-w C:\Program Files\setup.ini
2006-11-13 16:31 315,392 ----a-w C:\Program Files\setup.exe
2006-11-01 20:06 7,022,328 ----a-w C:\Program Files\logicielphotoOrangeFR.exe
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 16:41 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 19:01 49152]
"nwiz"="nwiz.exe" [2003-07-28 14:19 323584 C:\WINDOWS\system32\nwiz.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2005-10-27 11:00 299008]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 577536 C:\WINDOWS\soundman.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-09 17:48 155648]
"OWS Setup CmdLine"="C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" [2004-08-20 00:09 188480]
"LWBMOUSE"="C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" [2001-03-26 05:35 429568]
"iKeyWorks"="C:\PROGRA~1\HotKeys\Ikeymain.exe" [2001-09-12 08:44 49152]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-23 19:01 249896]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"dbar_starter"="C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

C:\Documents and Settings\Angelique\Menu Démarrer\Programmes\Démarrage\
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2007-05-27 18:28:12 4571136]
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\picatchou\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Contrôleur d'état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-01-15 14:23:08 802816]
Gestionnaire de services SQL Server.lnk - C:\MSSQL7\Binn\sqlmangr.exe [2007-12-31 20:04:19 110592]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-05-14 12:05:16 684032]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 09:15:56 65588]
NkvMon.exe.lnk - C:\Program Files\Nikon\NkView5\NkvMon.exe [2005-09-17 16:03:33 233472]
Raccourci vers wlancfg.lnk - C:\thomson\wlancfg.exe [2007-08-17 10:40:30 1466368]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2002-07-01 15:10]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2psvc;Réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-03-01 18:37]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 17:32:00
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-01-31 17:33:35
ComboFix-quarantined-files.txt 2008-01-31 16:33:29
ComboFix2.txt 2008-01-31 15:41:03
.
2008-01-18 11:14:16 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:23, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\MSSQL7\binn\sqlagent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\HotKeys\Ikeymain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\thomson\wlancfg.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /r /pkg "Office 2000 Server Extensions" /q
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\HotKeys\Ikeymain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [dbar_starter] C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Gestionnaire de services SQL Server.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Raccourci vers wlancfg.lnk = C:\thomson\wlancfg.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.n9ws.com/webscanner/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1200137595375
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cyrilsp37.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
cyrilsp37 Posts: 32 Registration date: Wednesday 23 January 2008 Status: Member Last activity: 16 December 2019
31 Jan. 2008 at 17:35
ComboFix 08-01-31.5 - picatchou 2008-01-31 17:28:03.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.520 [GMT 1:00]
Endroit: C:\Documents and Settings\picatchou\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\picatchou\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE
C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\dbar
C:\Program Files\dbar\basis.xml
C:\Program Files\dbar\channel.tmpl
C:\Program Files\dbar\content.tmpl
C:\Program Files\dbar\date.tmpl
C:\Program Files\dbar\dbaruninst.exe
C:\Program Files\dbar\deskbar.crc
C:\Program Files\dbar\deskbar.dll
C:\Program Files\dbar\deskbar.inf
C:\Program Files\dbar\edit_rss.tmpl
C:\Program Files\dbar\logo.bmp
C:\Program Files\dbar\mbback.bmp
C:\Program Files\dbar\mbbigopen.bmp
C:\Program Files\dbar\mbclose.bmp
C:\Program Files\dbar\mbfwd.bmp
C:\Program Files\dbar\mblogo.bmp
C:\Program Files\dbar\mbsep.bmp
C:\Program Files\dbar\nav1.bmp
C:\Program Files\dbar\nav2.bmp
C:\Program Files\dbar\new_alert.tmpl
C:\Program Files\dbar\version.txt
C:\Program Files\Navilog1
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Navilog1\fsblb.txt
C:\Program Files\Navilog1\GetPaths.exe
C:\Program Files\Navilog1\gnc.exe
C:\Program Files\Navilog1\navilog1.bat
C:\Program Files\Navilog1\oem2ansi.exe
C:\Program Files\Navilog1\Process.exe
C:\Program Files\Navilog1\reboot.exe
C:\Program Files\Navilog1\reg.exe
C:\Program Files\Navilog1\regnavi.reg
C:\Program Files\Navilog1\traite.bat
C:\Program Files\Navilog1\traite2.bat
C:\Program Files\Navilog1\traitement.vbs
C:\Program Files\Navilog1\unins000.dat
C:\Program Files\Navilog1\unins000.exe
C:\WINDOWS\system32\AdssiteSocial-uninstall.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-31 ))))))))))))))))))))))))))))))))))))
.

2008-01-31 16:52 . 2008-01-31 16:52 <REP> d-------- C:\WINDOWS\LastGood
2008-01-31 16:46 . 2008-01-31 16:46 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\ArcSoft
2008-01-30 19:55 . 2008-01-31 15:25 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OpenOffice.org2
2008-01-30 19:30 . 2008-01-30 20:03 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Vso
2008-01-30 19:29 . 2008-01-30 19:29 <REP> d-------- C:\Program Files\VSO
2008-01-30 19:29 . 2008-01-30 19:29 3,982,776 --a------ C:\Program Files\vso_image_resizer_setup.exe
2008-01-30 18:28 . 2008-01-30 18:29 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2008-01-30 18:28 . 2008-01-30 18:28 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-01-30 12:55 . 2008-01-30 12:55 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Creative
2008-01-29 22:01 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-29 22:00 . 2008-01-29 22:00 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-28 10:19 . 2008-01-28 10:19 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}
2008-01-28 09:55 . 2008-01-28 10:25 <REP> d-------- C:\Program Files\winvi
2008-01-24 18:05 . 2008-01-24 18:09 <REP> d-------- C:\Program Files\telechargement cyril
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Program Files\Avira
2008-01-23 18:56 . 2008-01-23 18:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-01-23 18:45 . 2008-01-23 18:45 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-23 12:53 . 2008-01-23 12:53 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-23 12:35 . 2008-01-23 12:35 <REP> d-------- C:\Program Files\Trend Micro
2008-01-23 12:26 . 2008-01-23 20:50 2,648 --a------ C:\WINDOWS\sql70.MIF
2008-01-22 20:41 . 2008-01-22 20:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d---s---- C:\WINDOWS\system32\%SystemDrive%
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d-------- C:\WINDOWS\Google Toolbar
2008-01-18 18:33 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Norton Security Scan
2008-01-18 18:29 . 2008-01-18 18:29 867,560 --a------ C:\Program Files\Google Updater.exe
2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\ScanSoft
2008-01-12 21:04 . 2008-01-30 18:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 21:04 . 2008-01-12 21:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-12 20:02 . 2008-01-12 20:02 <REP> d-------- C:\Documents and Settings\Angelique\Application Data\Leadertech
2008-01-12 09:11 . 2008-01-12 09:14 19,004,560 --a------ C:\Program Files\setupfre.exe
2008-01-12 08:59 . 2008-01-12 08:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-10 17:31 . 2008-01-10 17:31 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\SPAMfighter
2008-01-09 12:18 . 2008-01-09 12:18 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-09 12:18 . 2008-01-09 12:18 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-01-09 12:18 . 2008-01-09 12:18 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-01-09 12:18 . 2008-01-09 12:18 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-01-09 12:16 . 2008-01-09 12:16 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-01-09 12:16 . 2008-01-09 12:16 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2008-01-09 12:16 . 2008-01-09 12:16 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-01-09 12:16 . 2008-01-09 12:16 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-01-09 12:15 . 2008-01-09 12:15 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-01-06 21:25 . 2008-01-23 17:31 <REP> d-------- C:\Program Files\Macrogaming
2008-01-06 10:04 . 2008-01-06 10:04 <REP> d-------- C:\Documents and Settings\cyril\Mes documents
2008-01-05 18:23 . 2008-01-05 18:23 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Leadertech
2008-01-04 18:13 . 2008-01-04 18:13 <REP> dr------- C:\Documents and Settings\picatchou\Application Data\Brother
2008-01-04 16:16 . 2008-01-04 16:16 <REP> d-------- C:\Program Files\SAGEM
2008-01-03 21:17 . 2008-01-04 16:17 21 --a------ C:\WINDOWS\kit.ini
2008-01-03 20:46 . 2008-01-03 20:46 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\DivX
2008-01-03 19:42 . 2008-01-03 19:43 7,020,185 --a------ C:\Program Files\Gestionnaire_internetLB.exe
2008-01-03 19:13 . 2008-01-03 19:13 535,512 --a------ C:\Program Files\pllangs.exe
2008-01-03 19:11 . 2008-01-03 19:11 2,855,080 --a------ C:\Program Files\ad-aware-se-personal_ad-aware_se_personal_1.6_anglais_12797.exe
2008-01-03 18:45 . 2008-01-03 18:45 407,680 --a------ C:\Program Files\aswclnr.exe
2008-01-03 18:34 . 2008-01-29 22:02 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Lavasoft
2008-01-03 18:28 . 2008-01-03 18:24 18,164,640 --a------ C:\Program Files\aaw2007.exe
2008-01-03 18:28 . 2008-01-03 18:23 2,724,328 --a------ C:\Program Files\ccsetup203.exe
2008-01-02 18:29 . 2008-01-02 18:29 <REP> d-------- C:\Documents and Settings\picatchou\WINDOWS
2008-01-02 18:16 . 2008-01-02 18:44 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\OfficeUpdate12
2008-01-01 17:32 . 2008-01-01 17:32 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Apple Computer
2008-01-01 17:15 . 2008-01-01 17:15 <REP> d--hs---- C:\Documents and Settings\picatchou\UserData
2008-01-01 16:00 . 2008-01-05 18:37 <REP> d-------- C:\Documents and Settings\picatchou\Contacts
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Windows Desktop Search
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Voxmobili
2008-01-01 15:10 . 2008-01-01 15:10 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Teleca
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Sony Ericsson
2008-01-01 15:09 . 2008-01-01 15:09 <REP> d-------- C:\Documents and Settings\picatchou\Application Data\Nikon
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage réseau
2008-01-01 15:08 . 2005-09-16 21:57 <REP> d--h----- C:\Documents and Settings\picatchou\Voisinage d'impression
2008-01-01 15:08 . 2005-09-16 21:02 <REP> d--h----- C:\Documents and Settings\picatchou\Modèles
2008-01-01 15:08 . 2008-01-23 13:59 <REP> dr------- C:\Documents and Settings\picatchou\Mes documents
2008-01-01 15:08 . 2005-09-16 21:57 <REP> dr------- C:\Documents and Settings\picatchou\Menu Démarrer
2008-01-01 15:08 . 2008-01-31 15:40 <REP> dr------- C:\Documents and Settings\picatchou\Favoris
2008-01-01 15:08 . 2008-01-31 17:27 <REP> d-------- C:\Documents and Settings\picatchou\Bureau
2008-01-01 13:04 . 2008-01-01 13:04 <REP> d-------- C:\Program Files\Browser Mouse
2007-12-31 20:04 . 1999-01-05 11:57 32,060 --a------ C:\WINDOWS\system32\cliconf.hlp
2007-12-31 20:03 . 2008-01-23 20:50 <REP> d-------- C:\MSSQL7
2007-12-31 20:03 . 2008-01-02 18:45 899 --------- C:\WINDOWS\setup~0.iss
2007-12-31 19:19 . 2007-12-31 19:22 16,840,120 --a------ C:\Program Files\IE7Setup_G_FR.exe
2007-12-31 18:23 . 2007-12-31 18:23 244 --ah----- C:\sqmnoopt01.sqm
2007-12-31 18:23 . 2007-12-31 18:23 232 --ah----- C:\sqmdata01.sqm
2007-12-31 17:52 . 2007-12-31 17:52 244 --ah----- C:\sqmnoopt00.sqm
2007-12-31 17:52 . 2007-12-31 17:52 232 --ah----- C:\sqmdata00.sqm
2007-12-27 20:44 . 2008-01-24 18:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-22 15:03 . 2007-12-22 15:03 <REP> d-------- C:\Program Files\Aquapep2
2007-12-15 18:30 . 2007-12-22 15:16 <REP> d-------- C:\Program Files\AkvaarioGes
2007-12-14 11:32 . 2007-12-14 11:32 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2007-12-11 20:44 . 2007-12-11 20:44 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 20:44 . 2007-12-11 20:44 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2007-12-11 20:44 . 2007-12-11 20:44 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-12-11 20:44 . 2007-12-11 20:44 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-12-11 20:44 . 2007-12-11 20:44 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 20:44 . 2007-12-11 20:44 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-12-11 20:44 . 2007-12-11 20:44 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 20:43 . 2007-12-11 20:43 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-31 09:54 --------- d-----w C:\Documents and Settings\Angelique\Application Data\OpenOffice.org2
2008-01-29 21:02 --------- d-----w C:\Program Files\Lavasoft
2008-01-24 18:06 --------- d-----w C:\Program Files\eMule
2008-01-22 16:54 --------- d-----w C:\Program Files\DivX
2008-01-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 19:33 --------- d-----w C:\Program Files\Google
2008-01-10 16:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-09 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 15:17 --------- d-----w C:\Program Files\Wanadoo
2008-01-04 15:16 90 ----a-w C:\Program Files\Setup.log
2008-01-03 17:57 5,720 ----a-w C:\Program Files\aswclnr.log
2008-01-03 17:45 672,256 ----a-w C:\Program Files\aswclnr.tmp
2007-12-27 19:37 --------- d-----w C:\Program Files\JPEG Compression
2007-12-27 16:27 --------- d-----w C:\Documents and Settings\Angelique\Application Data\ScanSoft
2007-12-22 13:56 --------- d-----w C:\Program Files\MSN Messenger
2007-12-22 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-03 07:55 --------- d-----w C:\Program Files\MSN Pictures Displayer
2007-11-30 18:43 79,868 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-11-28 17:16 --------- d-----w C:\Program Files\Fichiers communs\SansenDommagement
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 08:55 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll
2007-10-11 08:55 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe
2007-10-11 08:55 11,776 ----a-w C:\WINDOWS\system32\icardres.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-09 12:03 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2007-10-09 12:03 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll
2007-10-09 12:03 493,080 ----a-w C:\WINDOWS\system32\evr.dll
2007-10-09 12:03 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2007-10-09 12:03 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2007-10-09 12:03 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
2007-10-09 12:03 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2007-10-09 12:03 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll
2007-10-09 11:58 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe
2007-10-05 16:44 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-08-17 07:56 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-11-30 15:34 57,115,310 ----a-w C:\Program Files\openofficeorg3.cab
2006-11-30 15:34 3,293,189 ----a-w C:\Program Files\openofficeorg4.cab
2006-11-30 15:25 15,519,277 ----a-w C:\Program Files\openofficeorg2.cab
2006-11-30 15:22 18,447,022 ----a-w C:\Program Files\openofficeorg1.cab
2006-11-30 15:17 5,298,688 ----a-w C:\Program Files\openofficeorg21.msi
2006-11-30 15:17 217 ----a-w C:\Program Files\setup.ini
2006-11-13 16:31 315,392 ----a-w C:\Program Files\setup.exe
2006-11-01 20:06 7,022,328 ----a-w C:\Program Files\logicielphotoOrangeFR.exe
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 16:41 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 19:01 49152]
"nwiz"="nwiz.exe" [2003-07-28 14:19 323584 C:\WINDOWS\system32\nwiz.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2005-10-27 11:00 299008]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 577536 C:\WINDOWS\soundman.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-09 17:48 155648]
"OWS Setup CmdLine"="C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" [2004-08-20 00:09 188480]
"LWBMOUSE"="C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" [2001-03-26 05:35 429568]
"iKeyWorks"="C:\PROGRA~1\HotKeys\Ikeymain.exe" [2001-09-12 08:44 49152]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-23 19:01 249896]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"dbar_starter"="C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

C:\Documents and Settings\Angelique\Menu Démarrer\Programmes\Démarrage\
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2007-05-27 18:28:12 4571136]
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\picatchou\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Contrôleur d'état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-01-15 14:23:08 802816]
Gestionnaire de services SQL Server.lnk - C:\MSSQL7\Binn\sqlmangr.exe [2007-12-31 20:04:19 110592]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-05-14 12:05:16 684032]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 09:15:56 65588]
NkvMon.exe.lnk - C:\Program Files\Nikon\NkView5\NkvMon.exe [2005-09-17 16:03:33 233472]
Raccourci vers wlancfg.lnk - C:\thomson\wlancfg.exe [2007-08-17 10:40:30 1466368]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2002-07-01 15:10]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2psvc;Réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-03-01 18:37]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 17:32:00
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-01-31 17:33:35
ComboFix-quarantined-files.txt 2008-01-31 16:33:29
ComboFix2.txt 2008-01-31 15:41:03
.
2008-01-18 11:14:16 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:23, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\MSSQL7\binn\sqlagent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\HotKeys\Ikeymain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\thomson\wlancfg.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /r /pkg "Office 2000 Server Extensions" /q
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\HotKeys\Ikeymain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [dbar_starter] C:\Documents and Settings\Angelique\Application Data\Deskbar_{909881D2-3302-4cd0-BBE3-1EEAC3A698C0}\starter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Gestionnaire de services SQL Server.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Raccourci vers wlancfg.lnk = C:\thomson\wlancfg.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.n9ws.com/webscanner/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1200137595375
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cyrilsp37.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
31 Jan. 2008 at 18:07
ok, that's cool ;-)

how are things on your side?

See you later
cyrilsp37 Posts 32 Registration date Wednesday 23 January 2008 Status Member Last activity 16 December 2019
31 Jan. 2008 at 18:57
things are going pretty well
See you later, and thanks for your help
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
31 Jan. 2008 at 18:59
ok ;-)

I'm marking the topic as resolved

all the best

bye
--

The best way to turn a woman's head is to tell her she has a nice profile