Infecté par un virus!!!

Résolu
Harry Seldon Messages postés 191 Statut Membre -  
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,
Grace à un tutoriel d'Antivir ( http://speedweb1.free.fr/frames2.php?page=tuto5 ) j'ai mieux configuré les paramètres de mon antivirus et après analyse un virus nommé : APPLNirCmd.3 a été découvert. j'ai fait une analyse avec hijack this au cas où.
merci de m'indiquer les lignes à supprimer :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49, on 2008-01-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
F:\photoshop\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\DeltTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
E:\deamon tool\DAEMON Tools Lite\daemon.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\fire-fox navigateur\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\acrobat reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\photoshop\apdproxy.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
O4 - HKLM\..\Policies\Explorer\Run: [5T19I3B27A] C:\WINDOWS\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11325 bytes
Configuration: Windows XP
Firefox 2.0.0.11

80 réponses

  • 1
  • 2
  • 3
  • 4
Résumé de la discussion

La discussion porte sur la détection d'un malware nommé APPLNirCmd.3 après une analyse antivirus et l'examen d'un rapport HijackThis, qui révèle un ensemble étendu d'éléments suspects pouvant affecter le système. Plusieurs éléments de démarrage et des modules divers figurent dans le rapport, et AntiVir PersonalEdition Classic a signalé des composants potentiellement malveillants lors du balayage du système Windows XP. En pratique, les réponses recommandent d’identifier et de supprimer uniquement les entrées clairement malveillantes, de refaire un balayage et de vérifier les composants légitimes avant toute suppression. En cas de doute, il convient d’utiliser des outils à jour et de croiser les chemins répertoriés, car le rapport peut contenir des éléments inoffensifs ou obsolètes.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut,

    fais ceci :

    coupe toi d´internet et coupe antivir le temps de passer combofix :

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    @+
    0
  2. Harry Seldon Messages postés 191 Statut Membre 1
     
    Ok merci de ton aide; voici le rapport de combofix:

    ComboFix 08-01-30.6 - Gaetan 2008-01-30 14:31:31.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.513 [GMT 1:00]
    Endroit: C:\Documents and Settings\Gaetan\Bureau\ComboFix.exe

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-30 12:43 . 2008-01-30 12:43 <REP> d-------- C:\Program Files\Trend Micro
    2008-01-26 00:31 . 2008-01-26 00:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-01-25 16:48 . 2008-01-25 16:48 <REP> d-------- C:\Program Files\Yahoo!
    2008-01-18 16:14 . 2008-01-18 16:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\espionServerData
    2008-01-18 16:09 . 2008-01-18 16:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-01-18 16:06 . 2008-01-18 16:06 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2008-01-18 16:02 . 2008-01-18 16:02 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2008-01-18 14:19 . 2008-01-18 14:19 <REP> d-------- C:\Program Files\Fichiers communs\Vbox
    2008-01-17 20:23 . 2008-01-17 20:23 <REP> d-------- C:\Program Files\iPod
    2008-01-17 20:23 . 2008-01-30 13:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-01-17 20:23 . 2008-01-17 20:23 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-01-06 19:10 . 2008-01-06 19:10 2,359,350 --a------ C:\WINDOWS\wallpaper.bmp
    2008-01-06 15:49 . 2008-01-12 15:24 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\ma-config.com
    2008-01-06 15:29 . 2008-01-06 15:29 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\Talkback
    2008-01-01 17:21 . 2008-01-01 19:10 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\DAEMON Tools
    2008-01-01 17:04 . 2008-01-08 22:28 <REP> d-------- C:\Program Files\free-downloads.net
    2008-01-01 17:04 . 2008-01-01 17:04 <REP> d-------- C:\Program Files\Alcohol Soft
    2007-12-30 15:30 . 2007-12-30 15:30 <REP> d-------- C:\Program Files\Alcohol Toolbar
    2007-12-30 15:30 . 2007-12-30 15:30 229,057 --a------ C:\WINDOWS\Alcohol_Toolbar_Uninstaller_4750.exe
    2007-12-30 15:23 . 2008-01-01 16:49 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-12-25 16:43 . 2007-12-25 16:43 <REP> d-------- C:\Program Files\M-Audio Delta
    2007-12-25 16:43 . 2004-09-09 16:45 1,122,304 --a------ C:\WINDOWS\system32\deltapnl.exe
    2007-12-25 16:43 . 2004-09-10 11:28 291,456 --a------ C:\WINDOWS\system32\drivers\delta.sys
    2007-12-25 16:43 . 2004-08-26 22:43 56,320 --a------ C:\WINDOWS\system32\delttray.exe
    2007-12-25 16:43 . 2004-09-09 16:45 44,032 --a------ C:\WINDOWS\system32\deltapnl.dll
    2007-12-25 16:43 . 2004-08-13 11:37 19,968 --a------ C:\WINDOWS\system32\deltasio.dll
    2007-12-25 16:43 . 2004-08-13 12:06 5,120 --a------ C:\WINDOWS\system32\DeltaCPL.cpl
    2007-12-25 14:48 . 2003-10-03 16:28 45,056 --a------ C:\WINDOWS\system32\vusetup.dll
    2007-12-25 14:48 . 2003-08-04 08:29 11,392 --a------ C:\WINDOWS\system32\drivers\vulfntr.sys
    2007-12-25 14:48 . 2003-08-04 08:29 6,912 --a------ C:\WINDOWS\system32\drivers\vulfnth.sys
    2007-12-19 15:49 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2007-12-19 15:49 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2007-12-19 15:49 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2007-12-08 23:21 . 2007-12-08 23:21 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
    2007-12-08 23:21 . 2007-12-08 23:21 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
    2007-12-05 22:49 . 2006-07-12 04:48 17,408 --a------ C:\WINDOWS\system32\drivers\gMouPS2.sys
    2007-12-05 22:49 . 2007-04-13 18:44 16,384 --a------ C:\WINDOWS\system32\drivers\gHidPnp.sys
    2007-12-05 22:49 . 2007-03-13 19:21 9,856 --a------ C:\WINDOWS\system32\drivers\gMouUsb.sys
    2007-12-05 22:47 . 2007-12-05 22:47 <REP> d-------- C:\Genius

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-30 13:30 --------- d-----w C:\Program Files\Wanadoo
    2008-01-30 11:27 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\uTorrent
    2008-01-29 18:26 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\dvdcss
    2008-01-26 20:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-26 00:41 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\OpenOffice.org2
    2008-01-26 00:22 --------- d-----w C:\Program Files\Lx_cats
    2008-01-25 19:05 --------- d-----w C:\Program Files\SpywareBlaster
    2008-01-25 17:27 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\Skype
    2008-01-19 06:04 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\MySpace
    2008-01-18 15:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-01-18 15:02 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
    2008-01-18 15:02 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2008-01-18 15:02 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-01-17 19:23 --------- d-----w C:\Program Files\iTunes
    2008-01-17 19:21 --------- d-----w C:\Program Files\QuickTime
    2008-01-08 21:27 --------- d-----w C:\Program Files\Lexmark Toolbar
    2008-01-07 20:34 --------- d-----w C:\Program Files\AntivirusFirewall
    2007-12-14 15:57 --------- d-----w C:\Program Files\Java
    2007-12-04 02:00 --------- d-----w C:\Program Files\Windows Live Toolbar
    2007-12-03 18:56 --------- d-----w C:\Program Files\CCleaner
    2007-11-27 19:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-11-27 19:02 22,328 ----a-w C:\Documents and Settings\Gaetan\Application Data\PnkBstrK.sys
    2007-11-27 19:02 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-28 12:43 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
    2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
    2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
    2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
    2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 13:50 122880]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
    "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2008-01-17 10:40 816368]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 08:20 222080]
    "DAEMON Tools Lite"="E:\deamon tool\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"="VTTimer.exe" [2005-03-08 04:33 53248 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-11-01 05:15 163840 C:\WINDOWS\system32\VTTrayp.exe]
    "RemoteControl"="C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" [2004-11-02 19:24 32768]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
    "Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-06-01 19:57 3167232]
    "Launch PC Probe II"="C:\Program Files\ASUS\PC Probe II\Probe2.exe" [2006-04-25 17:48 2045952]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49 20480]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-11-02 01:44 185896]
    "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-25 03:52 385024]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-27 16:37 249896]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "lxddmon.exe"="C:\Program Files\Lexmark 2500 Series\lxddmon.exe" [2007-02-13 00:58 291760]
    "lxddamon"="C:\Program Files\Lexmark 2500 Series\lxddamon.exe" [2007-02-06 00:32 20480]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-02-13 01:00 312240]
    "Adobe Reader Speed Launcher"="E:\acrobat reader\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 22:44 8429568]
    "nwiz"="nwiz.exe" [2007-04-12 22:44 1626112 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 22:44 81920]
    "LXDDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll" [2007-01-22 23:05 102400]
    "ioCentre"="C:\Genius\ioCentre\gTaskBar.exe" [2007-04-13 15:04 61440]
    "DeltTray"="DeltTray.exe" [2004-08-26 22:43 56320 C:\WINDOWS\system32\delttray.exe]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
    "Adobe Photo Downloader"="F:\photoshop\apdproxy.exe" [2007-09-11 00:43 67488]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "5T19I3B27A"= C:\WINDOWS\svchost.exe

    R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 04:38]
    R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 04:39]
    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;F:\photoshop\PhotoshopElementsFileAgent.exe [2007-09-11 00:45]
    R2 lxdd_device;lxdd_device;C:\WINDOWS\system32\lxddcoms.exe [2007-02-13 00:59]
    R3 gHidPnp;USB Device Enhanced Function Driver;C:\WINDOWS\system32\Drivers\gHidPnp.Sys [2007-04-13 18:44]
    R3 gMouUsb;USB Mouse Device Drv;C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2007-03-13 19:21]
    S3 gMouPS2;PS2 Scroll Mouse Device;C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 04:48]
    S3 jbridgep;jbridgep;C:\DOCUME~1\Gaetan\LOCALS~1\Temp\jbridgep.sys []
    S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-05-22 12:35]
    S3 se57bus;Sony Ericsson Device 087 driver (WDM);C:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 15:12]
    S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 15:12]
    S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 15:12]
    S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 15:12]
    S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS);C:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 15:12]
    S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 15:12]
    S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM);C:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 15:12]
    S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2006-03-31 03:39]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0bf0d3-b883-11dc-a53d-001731e6ecc6}]
    \Shell\AutoRun\command - I:\Autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 19:15:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-30 13:32:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-30 14:32:20
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXDDCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-01-30 14:32:46
    ComboFix-quarantined-files.txt 2008-01-30 13:32:44
    ComboFix2.txt 2008-01-30 13:29:18
    ComboFix3.txt 2008-01-30 13:23:36
    .
    2008-01-09 16:39:51 --- E O F ---
    0
  3. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    Copie le texte ci-dessous :

    File::

    Folder::
    C:\Program Files\free-downloads.net

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "5T19I3B27A"=-

    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

    http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

    Cela va relancer Combofix,

    Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

    Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

    Ne touche à rien tant que le scan n'est pas terminé.

    Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

    S'il n'y a pas de rédémarrage, poste quand même les rapports.

    @+
    0
  4. Harry Seldon Messages postés 191 Statut Membre 1
     
    voici le rapport de combofix :
    ComboFix 08-01-30.6 - Gaetan 2008-01-30 17:13:46.7 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.570 [GMT 1:00]
    Endroit: C:\Documents and Settings\Gaetan\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Gaetan\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\free-downloads.net
    C:\Program Files\free-downloads.net\INSTALL.LOG
    C:\Program Files\free-downloads.net\toolbar.cfg
    C:\Program Files\free-downloads.net\UNWISE.EXE
    C:\WINDOWS\system32\lsprst7.dll
    C:\WINDOWS\system32\ssprs.dll
    C:\WINDOWS\system32\tmpPrst.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-30 15:35 . 2008-01-30 15:35 14 --a------ C:\WINDOWS\system32\tmpPrst.tgz
    2008-01-30 12:43 . 2008-01-30 12:43 <REP> d-------- C:\Program Files\Trend Micro
    2008-01-26 00:31 . 2008-01-26 00:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-01-25 16:48 . 2008-01-25 16:48 <REP> d-------- C:\Program Files\Yahoo!
    2008-01-18 16:14 . 2008-01-18 16:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\espionServerData
    2008-01-18 16:09 . 2008-01-18 16:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-01-18 16:06 . 2008-01-18 16:06 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2008-01-18 16:02 . 2008-01-18 16:02 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2008-01-18 14:19 . 2008-01-18 14:19 <REP> d-------- C:\Program Files\Fichiers communs\Vbox
    2008-01-17 20:23 . 2008-01-17 20:23 <REP> d-------- C:\Program Files\iPod
    2008-01-17 20:23 . 2008-01-30 13:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-01-17 20:23 . 2008-01-17 20:23 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-01-06 19:10 . 2008-01-06 19:10 2,359,350 --a------ C:\WINDOWS\wallpaper.bmp
    2008-01-06 15:49 . 2008-01-12 15:24 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\ma-config.com
    2008-01-06 15:29 . 2008-01-06 15:29 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\Talkback
    2008-01-01 17:21 . 2008-01-01 19:10 <REP> d-------- C:\Documents and Settings\Gaetan\Application Data\DAEMON Tools
    2008-01-01 17:04 . 2008-01-01 17:04 <REP> d-------- C:\Program Files\Alcohol Soft
    2007-12-30 15:30 . 2007-12-30 15:30 <REP> d-------- C:\Program Files\Alcohol Toolbar
    2007-12-30 15:30 . 2007-12-30 15:30 229,057 --a------ C:\WINDOWS\Alcohol_Toolbar_Uninstaller_4750.exe
    2007-12-30 15:23 . 2008-01-01 16:49 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-12-25 16:43 . 2007-12-25 16:43 <REP> d-------- C:\Program Files\M-Audio Delta
    2007-12-25 16:43 . 2004-09-09 16:45 1,122,304 --a------ C:\WINDOWS\system32\deltapnl.exe
    2007-12-25 16:43 . 2004-09-10 11:28 291,456 --a------ C:\WINDOWS\system32\drivers\delta.sys
    2007-12-25 16:43 . 2004-08-26 22:43 56,320 --a------ C:\WINDOWS\system32\delttray.exe
    2007-12-25 16:43 . 2004-09-09 16:45 44,032 --a------ C:\WINDOWS\system32\deltapnl.dll
    2007-12-25 16:43 . 2004-08-13 11:37 19,968 --a------ C:\WINDOWS\system32\deltasio.dll
    2007-12-25 16:43 . 2004-08-13 12:06 5,120 --a------ C:\WINDOWS\system32\DeltaCPL.cpl
    2007-12-25 14:48 . 2003-10-03 16:28 45,056 --a------ C:\WINDOWS\system32\vusetup.dll
    2007-12-25 14:48 . 2003-08-04 08:29 11,392 --a------ C:\WINDOWS\system32\drivers\vulfntr.sys
    2007-12-25 14:48 . 2003-08-04 08:29 6,912 --a------ C:\WINDOWS\system32\drivers\vulfnth.sys
    2007-12-19 15:49 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2007-12-19 15:49 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2007-12-19 15:49 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2007-12-19 15:49 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2007-12-08 23:21 . 2007-12-08 23:21 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
    2007-12-08 23:21 . 2007-12-08 23:21 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
    2007-12-05 22:49 . 2006-07-12 04:48 17,408 --a------ C:\WINDOWS\system32\drivers\gMouPS2.sys
    2007-12-05 22:49 . 2007-04-13 18:44 16,384 --a------ C:\WINDOWS\system32\drivers\gHidPnp.sys
    2007-12-05 22:49 . 2007-03-13 19:21 9,856 --a------ C:\WINDOWS\system32\drivers\gMouUsb.sys
    2007-12-05 22:47 . 2007-12-05 22:47 <REP> d-------- C:\Genius

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-30 16:12 --------- d-----w C:\Program Files\Wanadoo
    2008-01-30 11:27 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\uTorrent
    2008-01-29 18:26 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\dvdcss
    2008-01-26 20:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-26 00:41 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\OpenOffice.org2
    2008-01-26 00:22 --------- d-----w C:\Program Files\Lx_cats
    2008-01-25 19:05 --------- d-----w C:\Program Files\SpywareBlaster
    2008-01-25 17:27 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\Skype
    2008-01-19 06:04 --------- d-----w C:\Documents and Settings\Gaetan\Application Data\MySpace
    2008-01-18 15:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-01-18 15:02 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
    2008-01-18 15:02 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2008-01-18 15:02 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-01-17 19:23 --------- d-----w C:\Program Files\iTunes
    2008-01-17 19:21 --------- d-----w C:\Program Files\QuickTime
    2008-01-08 21:27 --------- d-----w C:\Program Files\Lexmark Toolbar
    2008-01-07 20:34 --------- d-----w C:\Program Files\AntivirusFirewall
    2007-12-14 15:57 --------- d-----w C:\Program Files\Java
    2007-12-04 02:00 --------- d-----w C:\Program Files\Windows Live Toolbar
    2007-12-03 18:56 --------- d-----w C:\Program Files\CCleaner
    2007-11-27 19:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-11-27 19:02 22,328 ----a-w C:\Documents and Settings\Gaetan\Application Data\PnkBstrK.sys
    2007-11-27 19:02 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-28 12:43 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
    2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
    2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
    2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
    2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 13:50 122880]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
    "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2008-01-17 10:40 816368]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 08:20 222080]
    "DAEMON Tools Lite"="E:\deamon tool\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"="VTTimer.exe" [2005-03-08 04:33 53248 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-11-01 05:15 163840 C:\WINDOWS\system32\VTTrayp.exe]
    "RemoteControl"="C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" [2004-11-02 19:24 32768]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
    "Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-06-01 19:57 3167232]
    "Launch PC Probe II"="C:\Program Files\ASUS\PC Probe II\Probe2.exe" [2006-04-25 17:48 2045952]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49 20480]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-11-02 01:44 185896]
    "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-25 03:52 385024]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-27 16:37 249896]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "lxddmon.exe"="C:\Program Files\Lexmark 2500 Series\lxddmon.exe" [2007-02-13 00:58 291760]
    "lxddamon"="C:\Program Files\Lexmark 2500 Series\lxddamon.exe" [2007-02-06 00:32 20480]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-02-13 01:00 312240]
    "Adobe Reader Speed Launcher"="E:\acrobat reader\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 22:44 8429568]
    "nwiz"="nwiz.exe" [2007-04-12 22:44 1626112 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 22:44 81920]
    "LXDDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll" [2007-01-22 23:05 102400]
    "ioCentre"="C:\Genius\ioCentre\gTaskBar.exe" [2007-04-13 15:04 61440]
    "DeltTray"="DeltTray.exe" [2004-08-26 22:43 56320 C:\WINDOWS\system32\delttray.exe]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
    "Adobe Photo Downloader"="F:\photoshop\apdproxy.exe" [2007-09-11 00:43 67488]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

    R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 04:38]
    R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 04:39]
    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;F:\photoshop\PhotoshopElementsFileAgent.exe [2007-09-11 00:45]
    R2 lxdd_device;lxdd_device;C:\WINDOWS\system32\lxddcoms.exe [2007-02-13 00:59]
    R3 gHidPnp;USB Device Enhanced Function Driver;C:\WINDOWS\system32\Drivers\gHidPnp.Sys [2007-04-13 18:44]
    R3 gMouUsb;USB Mouse Device Drv;C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2007-03-13 19:21]
    S3 gMouPS2;PS2 Scroll Mouse Device;C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 04:48]
    S3 jbridgep;jbridgep;C:\DOCUME~1\Gaetan\LOCALS~1\Temp\jbridgep.sys []
    S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-05-22 12:35]
    S3 se57bus;Sony Ericsson Device 087 driver (WDM);C:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 15:12]
    S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 15:12]
    S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 15:12]
    S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 15:12]
    S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS);C:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 15:12]
    S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 15:12]
    S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM);C:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 15:12]
    S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2006-03-31 03:39]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0bf0d3-b883-11dc-a53d-001731e6ecc6}]
    \Shell\AutoRun\command - I:\Autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-24 19:15:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-01-30 15:32:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-30 17:15:18
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXDDCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-01-30 17:15:40
    ComboFix-quarantined-files.txt 2008-01-30 16:15:38
    ComboFix2.txt 2008-01-30 13:32:46
    ComboFix3.txt 2008-01-30 13:29:18
    ComboFix4.txt 2008-01-30 13:23:36
    .
    2008-01-09 16:39:51 --- E O F ---

    rapport hijackthis :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:20:32, on 30/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    F:\photoshop\PhotoshopElementsFileAgent.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\lxddcoms.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
    C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
    C:\Program Files\ASUS\PC Probe II\Probe2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    C:\WINDOWS\system32\DeltTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Genius\ioCentre\gAutoPan.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\deamon tool\DAEMON Tools Lite\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    E:\fire-fox navigateur\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
    O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
    O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\acrobat reader\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
    O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\photoshop\apdproxy.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\photoshop\PhotoshopElementsFileAgent.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Harry Seldon Messages postés 191 Statut Membre 1
     
    je ne me suis pas mis en mode sans echec avec hijack this et combofix est ce que ca ne remet pas en question la valeur des rapports que je vous ai fourni ?
    0
  7. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    pour les resultats, non ca a pas affectés les resultats, mais je ne t´ai jamais demandé de les faire en mode sans echec...

    a l´aide de hijack this coche et fix les lignes suivantes :

    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)

    Tutoriel d´utilisation (video) :

    -> http://pageperso.aol.fr/balltrap34/demohijack.htm

    instales un par feu :

    par feu : kerio

    http://www.malekal.com/kerio_firewall.php#mozTocId721480

    https://www.vulgarisation-informatique.com/kerio.php

    https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall

    ou zone alarm plus facil a configurer mais moins performant

    https://www.malekal.com/tutoriel-zonealarm-firewall/

    et fais ceci :

    A.V.G :

    -> Télécharger AVG Anti-Spyware (ewido)

    http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware

    -> L´installer.

    -> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...

    p.s : si les mises a jours ne se font pas, elles sont telechargable ici :

    http://downloads.ewido.net/avgas-signatures-full-current.exe

    -> Sur la page "analyse":

    choisir d´abord l'onglet "paramètres".

    sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».

    -> Lancer le scan, (c´est long...).

    -> A la fin du scan copier Et coller le rapport ici.

    -> Une aide en image au cas ou :

    Tutoriel d´installation et de parametrages :

    http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    @+
    0
  8. Harry Seldon Messages postés 191 Statut Membre 1
     
    Re,
    voici le rapport de scan d'AVG (au fait pendant le scan d'Avg j'ai recu d'antivir 18 nouvelles alertes d'infection, du meme virus que precedement, et le scan d'avg ne detecte pas de probleme :

    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 19:48:30 30/01/2008

    + Résultat de l'analyse:

    Rien à signaler.

    Fin du rapport
    0
  9. Harry Seldon Messages postés 191 Statut Membre 1
     
    j'ai relancé un scan avec antivir, mais il détecte combofix comme un virus que dois je faire?
    0
  10. g!rly Messages postés 18462 Statut Contributeur 407
     
    tu peux le supprimer...
    0
  11. Harry Seldon Messages postés 191 Statut Membre 1
     
    merci G!rly d'être aussi réactive;
    je t'envoi le rapport du scan tout à l'heure...
    0
  12. Harry Seldon Messages postés 191 Statut Membre 1
     
    Re,

    rapport antivir:

    AntiVir PersonalEdition Classic
    Report file date: mercredi 30 janvier 2008 19:54

    Scanning for 1085232 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: GAETAN-ORDI

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 05/09/2007 16:49:04
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 05/09/2007 16:49:04
    LUKE.DLL : 7.0.5.3 147496 Bytes 05/09/2007 16:49:06
    LUKERES.DLL : 7.0.6.1 10280 Bytes 05/09/2007 16:49:06
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:50:14
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:32:36
    ANTIVIR2.VDF : 7.0.2.49 1339904 Bytes 25/01/2008 11:30:24
    ANTIVIR3.VDF : 7.0.2.71 203264 Bytes 30/01/2008 12:41:36
    AVEWIN32.DLL : 7.6.0.57 3215872 Bytes 29/01/2008 13:04:05
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 05/09/2007 16:49:04
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 15/01/2008 22:28:01
    AVREG.DLL : 7.0.1.6 30760 Bytes 05/09/2007 16:49:04
    AVARKT.DLL : 1.0.0.20 278568 Bytes 05/09/2007 16:49:03
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 05/09/2007 16:49:04
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 05/09/2007 16:48:53
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 05/09/2007 16:48:53
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 05/09/2007 16:49:07

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: G:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: on
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
    Macro heuristic..................: on
    File heuristic...................: medium
    Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

    Start of the scan: mercredi 30 janvier 2008 19:54

    Starting search for hidden objects.
    '49552' objects were checked, '0' hidden objects were found.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'Watch.exe' - '1' Module(s) have been scanned
    Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
    Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
    Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
    Scan process 'Toaster.exe' - '1' Module(s) have been scanned
    Scan process 'ComComp.exe' - '1' Module(s) have been scanned
    Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'daemon.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'delttray.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'lxddamon.exe' - '1' Module(s) have been scanned
    Scan process 'avgas.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'Probe2.exe' - '1' Module(s) have been scanned
    Scan process 'AsDHRemote.exe' - '1' Module(s) have been scanned
    Scan process 'AsRc.exe' - '1' Module(s) have been scanned
    Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
    Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
    Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'lxddcoms.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '0' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    56 processes with 56 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [NOTE] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'E:\'
    [NOTE] No virus was found!
    Boot sector 'F:\'
    [NOTE] No virus was found!
    Boot sector 'G:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '33' files ).

    Starting the file scan:

    Begin scan in 'C:\' <BOOT>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Gaetan\Bureau\ComboFix.exe
    [0] Archive type: RAR SFX (self extracting)
    --> 327882R2FWJFW\nircmd.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.3
    --> 327882R2FWJFW\nircmd.cfexe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.3
    --> 327882R2FWJFW\psexec.cfexe
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [INFO] The file was deleted!
    C:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP187\A0037744.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.3
    [INFO] The file was deleted!
    C:\System Volume Information\_restore{ABAF5229-C7C3-4DE4-9897-061B3C28B2DC}\RP187\A0037745.exe
    [0] Archive type: RAR SFX (self extracting)
    --> 327882R2FWJFW\nircmd.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.3
    --> 327882R2FWJFW\nircmd.cfexe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.3
    --> 327882R2FWJFW\psexec.cfexe
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [INFO] The file was deleted!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'E:\' <SOFT>
    Begin scan in 'F:\' <DOCS>
    Begin scan in 'G:\' <MEDIA>

    End of the scan: mercredi 30 janvier 2008 20:56
    Used time: 1:01:57 min

    The scan has been done completely.

    12439 Scanning directories
    426309 Files were scanned
    7 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    3 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    426302 Files not concerned
    2130 Archives were scanned
    3 Warnings
    31 Notes
    49552 Objects were scanned with rootkit scan
    0 Hidden objects were found

    un ptit hijack this pour la route :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:01:46, on 30/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    F:\photoshop\PhotoshopElementsFileAgent.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\lxddcoms.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
    C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
    C:\Program Files\ASUS\PC Probe II\Probe2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\DeltTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    E:\deamon tool\DAEMON Tools Lite\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    E:\fire-fox navigateur\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
    O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
    O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\acrobat reader\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
    O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\photoshop\apdproxy.exe"
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\photoshop\PhotoshopElementsFileAgent.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    0
  13. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    A.V.G :

    -> Télécharger AVG Anti-Spyware (ewido)

    http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware

    -> L´installer.

    -> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...

    p.s : si les mises a jours ne se font pas, elles sont telechargable ici :

    http://downloads.ewido.net/avgas-signatures-full-current.exe

    -> Sur la page "analyse":

    choisir d´abord l'onglet "paramètres".

    sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».

    -> Lancer le scan, (c´est long...).

    -> A la fin du scan copier Et coller le rapport ici.

    -> Une aide en image au cas ou :

    Tutoriel d´installation et de parametrages :

    http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    @+
    0
  14. Harry Seldon Messages postés 191 Statut Membre 1
     
    j'ai avg et j'ai posté le rapport d'analyse!! mais bon,
    j'ai suivit tes instructions donc j'ai désinstallé l'ancien. j'attend le rapport
    0
  15. Harry Seldon Messages postés 191 Statut Membre 1
     
    Yep! j'epère que tu n'es pas encore couché!
    je te fourni le rapport;
    que dois je faire de spybot, ma navigation et tres alléatoire ca rame de plus en plus et il m'est difficile d'accéder au forum et d'un coup ca retrace surtout quand je deconnecte et reconnecte, ca c'est agravé depuis l'installation de spybot, mais le problème est present depuis quelques heures .

    --- Search result list ---
    Félicitations!: Aucun mouchard n'a été trouvé. ()

    --- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---

    2007-08-31 blindman.exe (1.0.0.6)
    2007-08-31 SDMain.exe (1.0.0.4)
    2007-08-31 SDUpdate.exe (1.0.6.4)
    2007-08-31 SDWinSec.exe (1.0.0.8)
    2007-08-31 SpybotSD.exe (1.5.1.15)
    2007-08-31 TeaTimer.exe (1.5.0.9)
    2008-01-30 unins000.exe (51.46.0.0)
    2007-08-31 Update.exe (1.4.0.5)
    2007-08-31 advcheck.dll (1.5.3.0)
    2007-04-02 aports.dll (2.1.0.0)
    2007-04-02 DelZip179.dll (1.79.5.3)
    2007-08-31 SDHelper.dll (1.5.0.8)
    2007-08-31 Tools.dll (2.1.2.0)
    2008-01-30 Includes\Cookies.sbi (*)
    2007-12-26 Includes\Dialer.sbi (*)
    2008-01-30 Includes\DialerC.sbi (*)
    2008-01-30 Includes\HeavyDuty.sbi (*)
    2007-12-26 Includes\Hijackers.sbi (*)
    2008-01-30 Includes\HijackersC.sbi (*)
    2007-10-04 Includes\Keyloggers.sbi (*)
    2008-01-30 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-01-16 Includes\Malware.sbi (*)
    2008-01-30 Includes\MalwareC.sbi (*)
    2007-10-24 Includes\PUPS.sbi (*)
    2008-01-30 Includes\PUPSC.sbi (*)
    2008-01-30 Includes\Revision.sbi (*)
    2008-01-09 Includes\Security.sbi (*)
    2008-01-30 Includes\SecurityC.sbi (*)
    2008-01-23 Includes\Spybots.sbi (*)
    2008-01-30 Includes\SpybotsC.sbi (*)
    2007-11-06 Includes\Tracks.uti
    2008-01-16 Includes\Trojans.sbi (*)
    2008-01-30 Includes\TrojansC.sbi (*)
    2008-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    / Internet Explorer 6 / SP0: Correctif Windows XP - Article Base de Connaissances 834707
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
    / Windows / SP1: Microsoft National Language Support Downlevel APIs
    / Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
    / Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
    / Windows Media Player 11: Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
    / Windows Media Player 11: Correctif pour Lecteur Windows Media 11 (KB939683)
    / Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    / Windows Media Player 9: Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
    / Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
    / Windows XP: Mise à jour de sécurité pour Windows XP (KB941569)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
    / Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
    / Windows XP / SP2: Windows XP Service Pack 2
    / Windows XP / SP3: Correctif Windows XP - KB873339
    / Windows XP / SP3: Correctif Windows XP - KB885835
    / Windows XP / SP3: Correctif Windows XP - KB885836
    / Windows XP / SP3: Correctif Windows XP - KB886185
    / Windows XP / SP3: Correctif Windows XP - KB887472
    / Windows XP / SP3: Correctif Windows XP - KB888302
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
    / Windows XP / SP3: Correctif Windows XP - KB890859
    / Windows XP / SP3: Correctif Windows XP - KB891781
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911567)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
    / Windows XP / SP3: Correctif pour Windows XP (KB914440)
    / Windows XP / SP3: Hotfix for Windows XP (KB915865)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918899)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921398)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921503)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921883)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922616)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922760)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925486)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
    / Windows XP / SP3: Hotfix for Windows XP (KB926239)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB927891)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929123)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB929338)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB930178)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB930916)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931261)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB931784)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB931836)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB932168)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB933360)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB933729)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935839)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB935840)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB936021)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB936357)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB937894)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB938828)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB938829)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941202)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941568)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB941644)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB942763)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB943460)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB943485)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB944653)

    --- Startup entries list ---
    Located: HK_LM:Run, !AVG Anti-Spyware
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE

    Located: HK_LM:Run, Adobe Photo Downloader
    command: "F:\photoshop\apdproxy.exe"
    file: F:\photoshop\apdproxy.exe
    size: 67488
    MD5: BCCB77572408155F984A02F9BFFDF225

    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "E:\acrobat reader\Reader\Reader_sl.exe"
    file: E:\acrobat reader\Reader\Reader_sl.exe
    size: 39792
    MD5: E28D00EC675F5F5A5A0555E7A4523A6E

    Located: HK_LM:Run, Ai Quicker Help
    command: "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
    file: C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
    size: 3167232
    MD5: 675FACC565B3B2770DC53F40615F2969

    Located: HK_LM:Run, avgnt
    command: "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    file: C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    size: 249896
    MD5: 6E898F5959E7195D64594C30E9251938

    Located: HK_LM:Run, DeltTray
    command: DeltTray.exe
    file: C:\WINDOWS\system32\DeltTray.exe
    size: 56320
    MD5: D4DD44EEAEE3799C358DF987AA498B17

    Located: HK_LM:Run, FaxCenterServer
    command: "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    file: C:\Program Files\Lexmark Fax Solutions\fm3032.exe
    size: 312240
    MD5: C88E78BE4D6A679F628AF206BF2C0FA6

    Located: HK_LM:Run, ioCentre
    command: C:\Genius\ioCentre\gTaskBar.exe
    file: C:\Genius\ioCentre\gTaskBar.exe
    size: 61440
    MD5: EDAA60D669EFE677ADC528D07023A0F1

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files\iTunes\iTunesHelper.exe"
    file: C:\Program Files\iTunes\iTunesHelper.exe
    size: 267048
    MD5: 020B109C1D515879C04A36D6BCA949B8

    Located: HK_LM:Run, JMB36X Configure
    command: C:\WINDOWS\system32\JMRaidTool.exe boot
    file: C:\WINDOWS\system32\JMRaidTool.exe
    size: 385024
    MD5: 41A7F947E4E72314A21A1605B8279E83

    Located: HK_LM:Run, Launch PC Probe II
    command: "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
    file: C:\Program Files\ASUS\PC Probe II\Probe2.exe
    size: 2045952
    MD5: 32A677AAA3115B94EEFF749F81A4EA54

    Located: HK_LM:Run, lxddamon
    command: "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
    file: C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    size: 20480
    MD5: F4E6A9FD4CAE2A7DBF3936A81B84E7A4

    Located: HK_LM:Run, LXDDCATS
    command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, lxddmon.exe
    command: "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
    file: C:\Program Files\Lexmark 2500 Series\lxddmon.exe
    size: 291760
    MD5: 61C3B58898F874FC87AF90354FB45F61

    Located: HK_LM:Run, NeroFilterCheck
    command: C:\WINDOWS\system32\NeroCheck.exe
    file: C:\WINDOWS\system32\NeroCheck.exe
    size: 155648
    MD5: 3E4C03CEFAD8DE135263236B61A49C90

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, NvMediaCenter
    command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, nwiz
    command: nwiz.exe /install
    file: C:\WINDOWS\system32\nwiz.exe
    size: 1626112
    MD5: A076032A29BE8C9591877A752EA3F705

    Located: HK_LM:Run, QuickTime Task
    command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    file: C:\Program Files\QuickTime\QTTask.exe
    size: 385024
    MD5: F89DA660C511652EE511FE3AB2F04BFC

    Located: HK_LM:Run, RemoteControl
    command: "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    file: C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    size: 32768
    MD5: 8FB740D758B14B1BC950CC347C21E461

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    size: 132496
    MD5: D4F0F7437327DBAA264338BAAFB5E5AF

    Located: HK_LM:Run, TkBellExe
    command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    size: 185896
    MD5: 1EDA1C63E0D2AE1AEBDF98083454079C

    Located: HK_LM:Run, VTTimer
    command: VTTimer.exe
    file: C:\WINDOWS\system32\VTTimer.exe
    size: 53248
    MD5: 09F1A97848BFAB3F36EB216681465B85

    Located: HK_LM:Run, VTTrayp
    command: VTtrayp.exe
    file: C:\WINDOWS\system32\VTtrayp.exe
    size: 163840
    MD5: EC9DD7D903EF1E91AF7088FDF82F8341

    Located: HK_LM:Run, WOOWATCH
    command: C:\PROGRA~1\Wanadoo\Watch.exe
    file: C:\PROGRA~1\Wanadoo\Watch.exe
    size: 20480
    MD5: 9A29592CD135F6262C429152F7A8DD4A

    Located: HK_CU:Run, CTFMON.EXE
    where: .DEFAULT...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118

    Located: HK_CU:Run, CTFMON.EXE
    where: S-1-5-19...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118

    Located: HK_CU:Run, CTFMON.EXE
    where: S-1-5-20...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118

    Located: HK_CU:Run, AlcoholAutomount
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    file: C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
    size: 222080
    MD5: 3BC0D4CDF9E7DE8E8AB3380A454CC818

    Located: HK_CU:Run, ccleaner
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    file: C:\Program Files\CCleaner\ccleaner.exe
    size: 816368
    MD5: 896AE27167E88DA1F6A13482D069D784

    Located: HK_CU:Run, ctfmon.exe
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118

    Located: HK_CU:Run, DAEMON Tools Lite
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: "E:\deamon tool\DAEMON Tools Lite\daemon.exe"
    file: E:\deamon tool\DAEMON Tools Lite\daemon.exe
    size: 486856
    MD5: 86527BD9CDDCB84DC3117E098E6111ED

    Located: HK_CU:Run, SpybotSD TeaTimer
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    size: 1460560
    MD5: B7D4586BFC0DD6C3BE7DCCC252A3E97E

    Located: HK_CU:Run, WOOKIT
    where: S-1-5-21-861567501-1220945662-1801674531-1003...
    command: C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    file: C:\PROGRA~1\Wanadoo\Shell.exe
    size: 122880
    MD5: 2BD5E1E68614DBC6B320597856ED6EA7

    Located: HK_CU:Run, CTFMON.EXE
    where: S-1-5-18...
    command: C:\WINDOWS\System32\CTFMON.EXE
    file: C:\WINDOWS\System32\CTFMON.EXE
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118

    Located: Démarrage (tous utilisateurs), ASUS WiFi-AP Solo.lnk
    where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
    command: C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
    file: C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
    size: 995328
    MD5: 29632881A3F1973FACA3CFDAA259B238

    Located: WinLogon, crypt32chain
    command: crypt32.dll
    file: crypt32.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, cscdll
    command: cscdll.dll
    file: cscdll.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, Schedule
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, termsrv
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, WgaLogon
    command: WgaLogon.dll
    file: WgaLogon.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: WinLogon, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    --- Browser helper object list ---
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: SSVHelper Class
    Path: C:\Program Files\Java\jre1.6.0_03\bin\
    Long name: ssv.dll
    Short name:
    Date (created): 14/12/2007 16:57:06
    Date (last access): 30/01/2008 23:05:06
    Date (last write): 25/09/2007 01:11:34
    Filesize: 501136
    Attributes: archive
    MD5: D787E3123FAD2BD58AB45B9A5C360ACD
    CRC32: DDC625C2
    Version: 6.0.30.5

    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Sign-in Helper
    Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 31/08/2006 20:33:06
    Date (last access): 30/01/2008 23:05:06
    Date (last write): 31/08/2006 20:33:06
    Filesize: 322368
    Attributes: archive
    MD5: E43F7CFDEE2B00A22C96C168147B20D3
    CRC32: 2AEACC43
    Version: 4.100.313.1

    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Toolbar Helper
    Path: C:\Program Files\Windows Live Toolbar\
    Long name: msntb.dll
    Short name:
    Date (created): 19/10/2007 11:20:48
    Date (last access): 30/01/2008 23:32:32
    Date (last write): 19/10/2007 11:20:48
    Filesize: 546320
    Attributes: archive
    MD5: CEE1BE1DA21300208D07FBEAE9EA2B51
    CRC32: 12446524
    Version: 3.1.0.146

    --- ActiveX list ---
    {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
    DPF name:
    CLSID name: YInstStarter Class
    Installer: C:\Program Files\Yahoo!\Common\yinst.inf
    Codebase: C:\Program Files\Yahoo!\Common\yinsthelper.dll
    Path: C:\PROGRA~1\Yahoo!\Common\
    Long name: yinsthelper.dll
    Short name: YINSTH~1.DLL
    Date (created): 25/01/2008 16:48:58
    Date (last access): 30/01/2008 22:49:56
    Date (last write): 30/07/2006 13:25:34
    Filesize: 188968
    Attributes: archive
    MD5: 18B54B53CEE0E7204495BAB864EBBF03
    CRC32: 6D72BB93
    Version: 2006.4.14.2

    {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
    DPF name:
    CLSID name: MSN Photo Upload Tool
    Installer: C:\WINDOWS\Downloaded Program Files\MsnPUpld.inf
    Codebase: http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: MsnPUpld.dll
    Short name:
    Date (created): 20/06/2006 15:44:04
    Date (last access): 30/01/2008 22:56:04
    Date (last write): 20/06/2006 15:44:04
    Filesize: 379704
    Attributes: archive
    MD5: D2FB109C3F0DAAAA4A73E5921656DB3E
    CRC32: A13093E8
    Version: 10.0.913.0

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_03
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre1.6.0_03\bin\
    Long name: npjpi160_03.dll
    Short name: NPJPI1~1.DLL
    Date (created): 24/09/2007 23:31:44
    Date (last access): 30/01/2008 22:46:36
    Date (last write): 25/09/2007 01:11:34
    Filesize: 132496
    Attributes: archive
    MD5: D6A4682A6FF41832A3F1A7AB9AE08199
    CRC32: 9080B537
    Version: 6.0.30.5

    {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_08
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
    Path: C:\Program Files\Java\jre1.5.0_08\bin\
    Long name: NPJPI150_08.dll
    Short name: NPJPI1~1.DLL
    Date (created): 26/07/2006 03:03:18
    Date (last access): 30/01/2008 22:45:52
    Date (last write): 26/07/2006 03:17:56
    Filesize: 69746
    Attributes: archive
    MD5: C10D603F2BD3B0A2EAC4EC5B743430D3
    CRC32: 1EB99B36
    Version: 5.0.80.3

    {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_09
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
    Path: C:\Program Files\Java\jre1.5.0_09\bin\
    Long name: NPJPI150_09.dll
    Short name: NPJPI1~1.DLL
    Date (created): 12/10/2006 03:10:58
    Date (last access): 30/01/2008 22:46:00
    Date (last write): 12/10/2006 03:25:44
    Filesize: 69746
    Attributes: archive
    MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
    CRC32: 2A32A9A2
    Version: 5.0.90.3

    {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_11
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
    Path: C:\Program Files\Java\jre1.5.0_11\bin\
    Long name: NPJPI150_11.dll
    Short name: NPJPI1~1.DLL
    Date (created): 15/12/2006 03:09:16
    Date (last access): 30/01/2008 22:46:10
    Date (last write): 15/12/2006 03:23:26
    Filesize: 75528
    Attributes: archive
    MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
    CRC32: 4BDE2041
    Version: 5.0.110.3

    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    Path: C:\Program Files\Java\jre1.6.0_01\bin\
    Long name: npjpi160_01.dll
    Short name: NPJPI1~1.DLL
    Date (created): 14/03/2007 01:04:46
    Date (last access): 30/01/2008 22:46:18
    Date (last write): 14/03/2007 02:43:42
    Filesize: 132760
    Attributes: archive
    MD5: F112FB2FD2EF66D439799E3F834DF000
    CRC32: D2B09219
    Version: 6.0.0.6

    {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_02
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    Path: C:\Program Files\Java\jre1.6.0_02\bin\
    Long name: npjpi160_02.dll
    Short name: NPJPI1~1.DLL
    Date (created): 12/07/2007 01:22:38
    Date (last access): 30/01/2008 22:46:26
    Date (last write): 12/07/2007 03:00:36
    Filesize: 132496
    Attributes: archive
    MD5: E3811F1A1C5063C941EC0E2766C3EA39
    CRC32: AEFD3747
    Version: 6.0.20.6

    {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_03
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    Path: C:\Program Files\Java\jre1.6.0_03\bin\
    Long name: npjpi160_03.dll
    Short name: NPJPI1~1.DLL
    Date (created): 24/09/2007 23:31:44
    Date (last access): 30/01/2008 23:55:52
    Date (last write): 25/09/2007 01:11:34
    Filesize: 132496
    Attributes: archive
    MD5: D6A4682A6FF41832A3F1A7AB9AE08199
    CRC32: 9080B537
    Version: 6.0.30.5

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_03
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    Path: C:\Program Files\Java\jre1.6.0_03\bin\
    Long name: npjpi160_03.dll
    Short name: NPJPI1~1.DLL
    Date (created): 24/09/2007 23:31:44
    Date (last access): 30/01/2008 23:55:52
    Date (last write): 25/09/2007 01:11:34
    Filesize: 132496
    Attributes: archive
    MD5: D6A4682A6FF41832A3F1A7AB9AE08199
    CRC32: 9080B537
    Version: 6.0.30.5

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash9e.ocx
    Short name:
    Date (created): 21/11/2007 01:04:14
    Date (last access): 30/01/2008 20:29:08
    Date (last write): 21/11/2007 01:04:14
    Filesize: 2987392
    Attributes: archive
    MD5: D3C50535C26190FEAD7785A03499C0AC
    CRC32: A77C3E92
    Version: 9.0.115.0

    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 684 ( 0) \SystemRoot\System32\smss.exe
    size: 50688
    PID: 732 ( 0) \??\C:\WINDOWS\system32\csrss.exe
    size: 6144
    PID: 756 ( 0) \??\C:\WINDOWS\system32\winlogon.exe
    size: 506368
    PID: 800 ( 0) C:\WINDOWS\system32\services.exe
    size: 108544
    MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
    PID: 812 ( 0) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 259AF82A0932EEA4F316F92DB94707B6
    PID: 980 ( 0) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1048 ( 0) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1144 ( 0) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1280 ( 0) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1416 ( 0) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1544 ( 0) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
    PID: 1664 ( 0) C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    size: 214056
    MD5: F640EA98231D7B1DB730385813BFCE79
    PID: 1888 ( 0) F:\photoshop\PhotoshopElementsFileAgent.exe
    size: 124832
    MD5: E8FE4FCE23D2809BD88BCC1D0F8408CE
    PID: 196 ( 0) C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    size: 63016
    MD5: A6FA9C14E649B2F3DE15390A1840774D
    PID: 240 ( 0) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    size: 110592
    MD5: 3A4982DF893F198A2DFBCCD4CE10F93A
    PID: 260 ( 0) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    size: 312880
    MD5: 5DCD235C061022BCDA9AA48670B64211
    PID: 272 ( 0) C:\WINDOWS\Explorer.EXE
    size: 1037312
    MD5: D0288319660EDCFED07C7E74C4EA38A5
    PID: 356 ( 0) C:\WINDOWS\System32\FTRTSVC.exe
    size: 40960
    MD5: D1261099E03EEE90976EA19002995B89
    PID: 416 ( 0) C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    size: 53248
    MD5: 575ED0F5DCB34E5C243D2A7EBC860484
    PID: 468 ( 0) C:\WINDOWS\system32\lxddcoms.exe
    size: 537520
    MD5: 4B4C8980F8A9177ED2E8FA231BEB1866
    PID: 568 ( 0) C:\WINDOWS\system32\nvsvc32.exe
    size: 163908
    MD5: 2D8305D4248C03AF9D93FFFFA486309B
    PID: 588 ( 0) C:\WINDOWS\system32\PnkBstrA.exe
    size: 66872
    MD5: 0E01D7EEBADA0B324DB0CA1EE73440BA
    PID: 600 ( 0) C:\WINDOWS\system32\PnkBstrB.exe
    size: 103736
    MD5: 1428E6CC1458A36CBFC1F2E304C7C42D
    PID: 704 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    size: 1234480
    MD5: 7234E4B852F8FA0C48FF0E4FD7394490
    PID: 1204 ( 0) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    size: 275968
    MD5: B1691AF4A072CB674D600DB16DD7308E
    PID: 1176 ( 0) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1316 ( 0) C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    size: 49152
    MD5: 332D341D92B933600D41953B08360DFB
    PID: 1764 ( 0) C:\WINDOWS\system32\VTTimer.exe
    size: 53248
    MD5: 09F1A97848BFAB3F36EB216681465B85
    PID: 332 ( 0) C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    size: 32768
    MD5: 8FB740D758B14B1BC950CC347C21E461
    PID: 1184 ( 0) C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
    size: 3167232
    MD5: 675FACC565B3B2770DC53F40615F2969
    PID: 2116 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    size: 1967664
    MD5: A464B1F7249B9893AB3F08CDA55F18E5
    PID: 2124 ( 0) C:\Program Files\ASUS\PC Probe II\Probe2.exe
    size: 2045952
    MD5: 32A677AAA3115B94EEFF749F81A4EA54
    PID: 2128 ( 0) C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
    size: 208896
    MD5: 1212645A948944C705304AC188A162DA
    PID: 2140 ( 0) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: B43CC0F07752D456038CD0268E4D84E9
    PID: 2244 ( 0) C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    size: 185896
    MD5: 1EDA1C63E0D2AE1AEBDF98083454079C
    PID: 2304 ( 0) C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    size: 249896
    MD5: 6E898F5959E7195D64594C30E9251938
    PID: 2316 ( 0) C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    size: 132496
    MD5: D4F0F7437327DBAA264338BAAFB5E5AF
    PID: 2376 ( 0) C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    size: 20480
    MD5: F4E6A9FD4CAE2A7DBF3936A81B84E7A4
    PID: 2520 ( 0) C:\WINDOWS\system32\RUNDLL32.EXE
    size: 33792
    MD5: CDD7140C0EAA754C527B983CCC9993CD
    PID: 2628 ( 0) C:\WINDOWS\system32\DeltTray.exe
    size: 56320
    MD5: D4DD44EEAEE3799C358DF987AA498B17
    PID: 2748 ( 0) C:\Program Files\iTunes\iTunesHelper.exe
    size: 267048
    MD5: 020B109C1D515879C04A36D6BCA949B8
    PID: 2852 ( 0) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE
    PID: 2948 ( 0) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118
    PID: 3028 ( 0) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 3596 ( 0) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    size: 1967664
    MD5: A464B1F7249B9893AB3F08CDA55F18E5
    PID: 3804 ( 0) E:\deamon tool\DAEMON Tools Lite\daemon.exe
    size: 486856
    MD5: 86527BD9CDDCB84DC3117E098E6111ED
    PID: 4072 ( 0) C:\Program Files\iPod\bin\iPodService.exe
    size: 504104
    MD5: E1BD28CA09EE8F30E8EDBD6C19F5579D
    PID: 4092 ( 0) C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    size: 819200
    MD5: 5D17C66B5620142A06B7391BE20C0476
    PID: 2100 ( 0) C:\PROGRA~1\Wanadoo\ComComp.exe
    size: 249856
    MD5: 5D589D0436C4C2D285B3418E79E78A21
    PID: 2732 ( 0) C:\PROGRA~1\Wanadoo\Toaster.exe
    size: 69632
    MD5: C2D1BD2B433571ECEC29924ACE5D7C62
    PID: 2828 ( 0) C:\PROGRA~1\Wanadoo\Inactivity.exe
    size: 32768
    MD5: 5F6DBF75D05462EED92B42376E89D9FE
    PID: 2876 ( 0) C:\PROGRA~1\Wanadoo\PollingModule.exe
    size: 69632
    MD5: EDF02F58940FD56C12357D150F5397C0
    PID: 2920 ( 0) C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    size: 45056
    MD5: 68E404DB5525373FE0554ED2607F0C82
    PID: 3420 ( 0) C:\PROGRA~1\Wanadoo\Watch.exe
    size: 20480
    MD5: 9A29592CD135F6262C429152F7A8DD4A
    PID: 3440 ( 0) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4943184
    MD5: C92780F50B8BB7A89E919585916494A9

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 30/01/2008 23:55:52

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://runonce.msn.com/?v=msgrv75
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr/?ocid=iehp
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm

    --- Winsock Layered Service Provider list ---

    --- Uninstall list ---
    Ableton Live v5.0.3 (Ableton Live v5.0.3)
    uninstall cmd: E:\LIVE50~1.3\UNWISE.EXE E:\LIVE50~1.3\INSTALL.LOG

    (AddressBook)

    Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
    uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    publisher: Adobe Systems Incorporated
    help link: https://helpx.adobe.com/flash-player.html

    Adobe Flash Player Plugin 9.0.47.0 (Adobe Flash Player Plugin)
    uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    publisher: Adobe Systems Incorporated

    Adobe Photoshop Elements 6.0 6.0 (Adobe Photoshop Elements 6)
    version: 5
    version (major): 5
    install location: F:\photoshop\
    uninstall cmd: msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    publisher: Adobe Systems Inc.
    contact: Customer Support Department
    help link: https://helpx.adobe.com/support.html

    AKAI professional DCVocoder 1.0 (AKAI professional DCVocoder 1.0)
    uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\AKAI professional M.I. Corp.\AKAI professional DCVocoder\UninstDCVocoder.isu"

    Alcohol Toolbar 3.2.0.0 (Alcohol Toolbar)
    version (major): 1
    version (minor): 9
    install location: C:\Program Files\Alcohol Toolbar
    uninstall cmd: "C:\WINDOWS\Alcohol_Toolbar_Uninstaller_4750.exe" _?=C:\Program Files\Alcohol Toolbar

    Avira AntiVir PersonalEdition Classic (AntiVir PersonalEdition Classic)
    uninstall cmd: C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    publisher: Avira GmbH
    help link: http://www.avira.com/classic-support

    Aphro-V1 DX Plug-in (Aphro-V1 DX Plug-in)
    uninstall cmd: C:\WINDOWS\IsUninst.exe -f"g:\program yan\Uninst.isu"

    AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
    install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
    uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    publisher: Grisoft Ltd.
    help link: https://www.avg.com/fr-fr/homepage

    (Branding)

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

    (Connection Manager)

    (DirectAnimation)

    (DirectDrawEx)

    (DXM_Runtime)

    (Fontcore)

    Navigateur Orange (FranceTelecomUninstall_FTBrowser)
    install location: C:\PROGRA~1\Wanadoo\WOOBrowser
    uninstall cmd: C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

    Free Mp3 Wma Converter V 1.5.1 (Free Mp3 Wma Converter_is1)
    install location: G:\setup\Free Audio Pack\
    uninstall cmd: "G:\setup\Free Audio Pack\unins000.exe"
    publisher: Renan Broquin
    help link: http://koyotstar.free.fr

    Gestionnaire Internet (GestionnaireInternet.exe)
    uninstall cmd: C:\PROGRA~1\Wanadoo\uninstall.exe

    Google Video Player (GoogleVideoPlayer)
    uninstall cmd: "G:\googleVideo\Google Video Player\Uninstall.exe"

    Helix YUV Codecs (remove only) (HelixYUVCodecs)
    uninstall cmd: "C:\WINDOWS\system32\uninstHelixYUV.exe"

    HijackThis 2.0.2 2.0.2 (HijackThis)
    uninstall cmd: "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    publisher: TrendMicro

    (ICW)

    Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
    install date: 20061205
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    (IE40)

    (IE4Data)

    (IE5BAKEX)

    Windows Internet Explorer 7 20061107.210142 (ie7)
    install date: 20061205
    uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US

    (IEData)

    (InstallShield Uninstall Information)

    VIA Platform Device Manager 1.13 (InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169})
    version: 17629184
    version (major): 1
    version (minor): 13
    install date: 20060909
    install source: D:\Drivers\Chipset\VIA4in1\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    publisher: VIA Technologies, Inc.
    comments: VIA Hyperion Pro Setup Program
    contact: http://forums.viaarena.com/
    help link: http://www.viaarena.com/
    help telephone: NULL
    readme: NULL

    Norton PartitionMagic 8.0 8.05.000 (InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502})
    version: 134545408
    version (major): 8
    version (minor): 5
    estimated size: 43533
    install date: 20071209
    install location: G:\partition mag\partition magic soft\
    install source: D:\Setup\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
    publisher: Symantec
    comments: Symantec Inc.
    contact: Customer Support Department
    help link: https://support.broadcom.com/security
    help telephone: 1-801-226-6834
    readme: Readme.txt

    Far Cry 1.00.0000 (InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC})
    version: 16777216
    version (major): 1
    estimated size: 3150744
    install date: 20080126
    install location: E:\far cry\
    install source: D:\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036
    publisher: Nom de votre société

    (KB884016)

    (KB884267)

    (KB885353)

    (KB886612)

    (KB887078)

    (KB887626)

    (KB888656)

    (KB889858)

    (KB891122)

    Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
    install date: 20070922
    publisher: Microsoft Corporation
    help link: https://www.microsoft.com/en-us/howtotell/default.aspx

    (KB892313)

    (KB893240)

    (KB893241)

    (KB893803)

    (KB895181)

    (KB895316)

    (KB895572)

    (KB897586)

    (KB898549)

    (KB900399)

    (KB902344)

    (KB907658)

    (KB911565)

    (KB911854)

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/928090

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
    install date: 20070110
    uninstall cmd: "C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/929969

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) 1 (KB931768-IE7)
    install date: 20070525
    uninstall cmd: "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/931768

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) 1 (KB933566-IE7)
    install date: 20070615
    uninstall cmd: "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/933566/ms07-033-cumulative-security-update-for-internet-explorer

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) 1 (KB937143-IE7)
    install date: 20070815
    uninstall cmd: "C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/937143/ms07-045-cumulative-security-update-for-internet-explorer

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7)
    install date: 20070815
    uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/938127

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) 1 (KB939653-IE7)
    install date: 20071027
    uninstall cmd: "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/939653

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) 1 (KB942615-IE7)
    install date: 20071212
    uninstall cmd: "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/942615

    KORG Legacy Collection v1.1.3 (KORG Legacy Collection v1.1.3 )
    uninstall cmd: E:\PROGRA~1\KORGLE~1.3-H\KORG\KORGLE~1\UNWISE.EXE E:\PROGRA~1\KORGLE~1.3-H\KORG\KORGLE~1\INSTALL.LOG

    Lexmark 2500 Series (Lexmark 2500 Series)
    uninstall cmd: C:\Program Files\Lexmark 2500 Series\Install\x86\Uninst.exe
    publisher: Lexmark International, Inc.
    help link: http://support.lexmark.com/index?page=productSelection&channel=supportAndDownloads&locale=en&userlocale=EN_US

    Solutions de télécopie Lexmark (Lexmark Fax Solutions)
    uninstall cmd: C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
    help link: http://support.lexmark.com/index?page=productSelection&channel=supportAndDownloads&locale=en&userlocale=EN_US

    L&H TTS3000 Français (LHTTSFRF)
    uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall

    Microsoft .NET Framework 1.1 Hotfix (KB928366) (M928366)
    uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

    Magic ISO Maker v5.4 (build 0245) (Magic ISO Maker v5.4 (build 0245))
    uninstall cmd: G:\PARTIT~1\MAGICI~1.KEY\MagicISO\UNWISE.EXE G:\PARTIT~1\MAGICI~1.KEY\MagicISO\INSTALL.LOG

    Mercury 1 (Mercury 1)
    uninstall cmd: E:\PROGRA~1\TCWorks\Mercury\UNWISE.EXE E:\PROGRA~1\TCWorks\Mercury\INSTALL.LOG

    Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
    uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

    (Microsoft NetShow Player 2.0)

    (MobileOptionPack)

    Mozilla Firefox (2.0.0.11) 2.0.0.11 (fr) (Mozilla Firefox (2.0.0.11))
    install location: E:\fire-fox navigateur
    uninstall cmd: E:\fire-fox navigateur\uninstall\helper.exe
    publisher: Mozilla
    comments: Mozilla Firefox

    (MPlayer2)

    Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
    install date: 20061224
    uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: https://www.microsoft.com/fr-fr/?ref=go

    (MSI30-Beta1)

    (MSI30-Beta2)

    (MSI30-KB884016)

    (MSI30-RC1)

    (MSI30-RC2)

    (MSI30a-KB884016)

    (MSI31-Beta)

    (MSI31-RC1)

    (Nero - Burning Rom!UninstallKey)
    uninstall cmd: E:\Nero-Gravure\nero\uninstall\UNNERO.exe /UNINSTALL

    Nero Suite (NeroMultiInstaller!UninstallKey)
    uninstall cmd: C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""

    (NetMeeting)

    Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
    install date: 20061205
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    Nuendo Dolby Digital Encoder 1.01 (Nuendo Dolby Digital Encoder 1.01)
    uninstall cmd: C:\PROGRA~1\SPECTR~1\UNINST~1\NUENDO~1\UNWISE.EXE C:\PROGRA~1\SPECTR~1\UNINST~1\NUENDO~1\INSTALL.LOG

    NVIDIA Drivers (NVIDIA Drivers)
    uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

    (OutlookExpress)

    (PCHealth)
    uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

    PowerISO (PowerISO)
    uninstall cmd: "F:\power iso\PowerISO\uninstall.exe"

    PSP Nitro VST and DX 1.0 (PSP_Nitro)
    uninstall cmd: C:\WINDOWS\iun6002.exe "G:\program yan\irunin.ini"

    (RealJukebox 1.0)
    uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

    RealPlayer (RealPlayer 6.0)
    uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

    Riva FLV Encoder 2.0 2.00.0004 (Riva FLV Encoder 2.0_is1)
    install location: G:\riva encoder\Riva FLV Encoder 2.0\
    uninstall cmd: "G:\riva encoder\Riva FLV Encoder 2.0\unins000.exe"
    publisher: Rothenberger & Partner
    help link: http://www.rivavx.de

    (SchedulingAgent)

    Shockwave (Shockwave)
    uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

    9.0.115.0 (ShockwaveFlash)

    Sinus Peak Compressor v2.5 VST (Sinus Peak Compressor v2.5 VST)
    uninstall cmd: E:\PROGRA~1\emagic\LOGIC5~1\VSTPLU~1\Sinus\PEAKCO~1\UNWISE.EXE E:\PROGRA~1\emagic\LOGIC5~1\VSTPLU~1\Sinus\PEAKCO~1\INSTALL.LOG

    SpywareBlaster v3.5.1 3.5.1 (SpywareBlaster_is1)
    install location: C:\Program Files\SpywareBlaster\
    uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
    publisher: Javacool Software LLC

    LeTraducteur (ST4UNST #1)
    uninstall cmd: C:\WINDOWS\ST4UNST.EXE -n "C:\Language\Fran-Ang.4-9\ST4UNST.LOG"

    VideoLAN VLC media player 0.8.4a 0.8.4a (VLC media player)
    uninstall cmd: E:\VLC\uninstall.exe
    publisher: VideoLAN Team

    VIA Rhine-Family Fast Ethernet Adapter (VN_VUIns_Rhine_VIA)
    uninstall cmd: Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA

    Wave Arts Power Suite 4.08 (Wave Arts Power Suite)
    uninstall cmd: C:\PROGRA~1\WAVEAR~1\POWERS~1\UNWISE.EXE C:\PROGRA~1\WAVEAR~1\POWERS~1\INSTAL~1.LOG
    publisher: Wave Arts, Inc.
    help link: https://wavearts.com/support/
    help telephone: +1 (781) 646-3794

    Windows Genuine Advantage Validation Tool (KB892130) 1.7.0059.1 (WGA)
    install date: 20061015
    publisher: Microsoft Corporation
    help link: https://www.microsoft.com/en-us/howtotell/default.aspx

    Windows Genuine Advantage Notifications (KB905474) 1.7.0018.7 (WgaNotify)
    install date: 20070302
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/905474

    Windows Live Toolbar 03.01.0146 (Windows Live Toolbar)
    uninstall cmd: "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    publisher: Microsoft Corporation

    Windows Media Format 11 runtime (Windows Media Format Runtime)
    uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    help link: https://support.microsoft.com/en-us

    Lecteur Windows Media 11 (Windows Media Player)
    uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

    Windows XP Service Pack 2 20040819.151636 (Windows XP Service Pack)
    uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/811113

    Archiveur WinRAR (WinRAR archiver)
    uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

    (WMCSetup)

    Windows Media Format 11 runtime (WMFDist11)
    install date: 20061224
    uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDi
    0
  16. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    je vais pas tarder...

    t´as t-il detecté des fichiers infectés et lesquels ?

    @+
    0
  17. Harry Seldon Messages postés 191 Statut Membre 1
     
    non; aucun fichier détecté comme suspect.
    0
  18. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok

    c´est bizar qu´il te fasse ramer la connection?!

    c´est seulement sur ccm ou en general?

    @+
    0
  19. Harry Seldon Messages postés 191 Statut Membre 1
     
    je te demandé à mon message precedent que dois je faire de spybot? ma navigation et tres alléatoire ca rame de plus en plus et il m'est difficile d'accéder au forum et d'un coup ca retrace quand je deconnecte et reconnecte, ca c'est agravé depuis l'installation de spybot, mais le problème est present depuis quelques heures avant.
    0
  20. Harry Seldon Messages postés 191 Statut Membre 1
     
    non c'est toute ma navigation qui rame pas seulement ccm!
    ps: excuse moi pour le message, je pensé que tu n'avais pas tout lu (il est tard)lol!
    0
  • 1
  • 2
  • 3
  • 4