Retour de mail que je n'ai pas envoyé
brandel
Messages postés
52
Date d'inscription
Statut
Membre
Dernière intervention
-
brandel Messages postés 52 Date d'inscription Statut Membre Dernière intervention -
brandel Messages postés 52 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
Depuis 1 semaine je reçois sur ma boite mail thunberdird de retours mails que je n'ai pas envoyé, une centaine par jour
J'ai fait un nettoyage en mode sans échec avec AVG, clenear, et un scan avec nod32
mais toujours le même résultat
Au secours pourriez vous me donner un coup de main
Depuis 1 semaine je reçois sur ma boite mail thunberdird de retours mails que je n'ai pas envoyé, une centaine par jour
J'ai fait un nettoyage en mode sans échec avec AVG, clenear, et un scan avec nod32
mais toujours le même résultat
Au secours pourriez vous me donner un coup de main
A voir également:
- Retour de mail que je n'ai pas envoyé
- Je n'ai plus acces a ma boite mail gmail - Guide
- Envoyé de mon iphone - Guide
- Publipostage mail - Accueil - Word
- Windows live mail - Télécharger - Mail
- Message non envoyé - Forum Mobile
59 réponses
les quatre dernieres lignes c'est les fichiers qu'il y a dans le dossier rar :upload_moi_FAMILLE.tar.gz
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
C:\WINDOWS\System32\logonui.exe.manifest -->06/02/2008 18:04:47
C:\WINDOWS\System32\cdplayer.exe.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\BASSMOD.dll -->12/02/2008 21:40:26
C:\WINDOWS\System32\imon.dll -->06/02/2008 20:28:48
C:\WINDOWS\System32\FNTCACHE.DAT -->17/02/2008 09:35:14
C:\WINDOWS\System32\wpa.dbl -->16/02/2008 23:18:00
C:\WINDOWS\System32\BASSMOD.dll -->12/02/2008 21:40:26
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->11/02/2008 12:52:50
C:\WINDOWS\System32\lvcoinst.log -->07/02/2008 18:36:29
C:\WINDOWS\System32\mapisvc.inf -->06/02/2008 20:29:13
C:\WINDOWS\System32\imon.dll -->06/02/2008 20:28:48
C:\WINDOWS\System32\h323log.txt -->06/02/2008 18:59:51
C:\WINDOWS\System32\PerfStringBackup.INI -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfh00C.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfh009.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfc00C.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfc009.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\$winnt$.inf -->06/02/2008 18:10:17
C:\WINDOWS\System32\CONFIG.NT -->06/02/2008 18:06:20
C:\WINDOWS\System32\nscompat.tlb -->06/02/2008 18:06:15
C:\WINDOWS\System32\amcompat.tlb -->06/02/2008 18:06:15
C:\WINDOWS\System32\WindowsLogon.manifest -->06/02/2008 18:04:47
C:\WINDOWS\System32\logonui.exe.manifest -->06/02/2008 18:04:47
C:\WINDOWS\System32\wuaucpl.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\sapi.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\nwc.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\ncpa.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\cdplayer.exe.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\emptyregdb.dat -->06/02/2008 18:02:48
C:\WINDOWS\QTFont.qfn -->17/02/2008 12:25:41
C:\WINDOWS\QTFont.for -->17/02/2008 12:25:41
C:\WINDOWS\WindowsUpdate.log -->17/02/2008 11:25:39
C:\WINDOWS\wiadebug.log -->17/02/2008 11:21:27
C:\WINDOWS\wiaservc.log -->17/02/2008 11:21:24
C:\WINDOWS\bootstat.dat -->17/02/2008 11:21:13
C:\WINDOWS\S7A883145.tmp -->17/02/2008 09:31:00
C:\WINDOWS\SchedLgU.Txt -->16/02/2008 23:55:24
C:\WINDOWS\system.ini -->16/02/2008 23:14:45
C:\WINDOWS\win.ini -->15/02/2008 22:11:01
C:\WINDOWS\Sti_Trace.log -->14/02/2008 15:22:03
C:\WINDOWS\EPSMTL32.TXT -->07/02/2008 18:39:56
C:\WINDOWS\CDE DX4200EFGIPSD.ini -->07/02/2008 18:39:25
C:\WINDOWS\WMSysPr9.prx -->07/02/2008 18:26:39
C:\WINDOWS\_delis32.ini -->07/02/2008 18:24:45
C:\WINDOWS\System32\cdplayer.exe.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\BASSMOD.dll -->12/02/2008 21:40:26
C:\WINDOWS\System32\imon.dll -->06/02/2008 20:28:48
C:\WINDOWS\System32\FNTCACHE.DAT -->17/02/2008 09:35:14
C:\WINDOWS\System32\wpa.dbl -->16/02/2008 23:18:00
C:\WINDOWS\System32\BASSMOD.dll -->12/02/2008 21:40:26
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->11/02/2008 12:52:50
C:\WINDOWS\System32\lvcoinst.log -->07/02/2008 18:36:29
C:\WINDOWS\System32\mapisvc.inf -->06/02/2008 20:29:13
C:\WINDOWS\System32\imon.dll -->06/02/2008 20:28:48
C:\WINDOWS\System32\h323log.txt -->06/02/2008 18:59:51
C:\WINDOWS\System32\PerfStringBackup.INI -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfh00C.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfh009.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfc00C.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\perfc009.dat -->06/02/2008 18:19:45
C:\WINDOWS\System32\$winnt$.inf -->06/02/2008 18:10:17
C:\WINDOWS\System32\CONFIG.NT -->06/02/2008 18:06:20
C:\WINDOWS\System32\nscompat.tlb -->06/02/2008 18:06:15
C:\WINDOWS\System32\amcompat.tlb -->06/02/2008 18:06:15
C:\WINDOWS\System32\WindowsLogon.manifest -->06/02/2008 18:04:47
C:\WINDOWS\System32\logonui.exe.manifest -->06/02/2008 18:04:47
C:\WINDOWS\System32\wuaucpl.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\sapi.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\nwc.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\ncpa.cpl.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\cdplayer.exe.manifest -->06/02/2008 18:04:37
C:\WINDOWS\System32\emptyregdb.dat -->06/02/2008 18:02:48
C:\WINDOWS\QTFont.qfn -->17/02/2008 12:25:41
C:\WINDOWS\QTFont.for -->17/02/2008 12:25:41
C:\WINDOWS\WindowsUpdate.log -->17/02/2008 11:25:39
C:\WINDOWS\wiadebug.log -->17/02/2008 11:21:27
C:\WINDOWS\wiaservc.log -->17/02/2008 11:21:24
C:\WINDOWS\bootstat.dat -->17/02/2008 11:21:13
C:\WINDOWS\S7A883145.tmp -->17/02/2008 09:31:00
C:\WINDOWS\SchedLgU.Txt -->16/02/2008 23:55:24
C:\WINDOWS\system.ini -->16/02/2008 23:14:45
C:\WINDOWS\win.ini -->15/02/2008 22:11:01
C:\WINDOWS\Sti_Trace.log -->14/02/2008 15:22:03
C:\WINDOWS\EPSMTL32.TXT -->07/02/2008 18:39:56
C:\WINDOWS\CDE DX4200EFGIPSD.ini -->07/02/2008 18:39:25
C:\WINDOWS\WMSysPr9.prx -->07/02/2008 18:26:39
C:\WINDOWS\_delis32.ini -->07/02/2008 18:24:45
voila
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:04, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\avg\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\TribalWeb.net\tribalweb.exe
D:\Program Files\TurboLaunch\TurboLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\PopTray\PopTray.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: TribalWeb.lnk = D:\Program Files\TribalWeb.net\tribalweb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D8CE594-61A7-4AF0-8904-31FD9DAD125C}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\avg\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:04, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\avg\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\TribalWeb.net\tribalweb.exe
D:\Program Files\TurboLaunch\TurboLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\PopTray\PopTray.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: TribalWeb.lnk = D:\Program Files\TribalWeb.net\tribalweb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D8CE594-61A7-4AF0-8904-31FD9DAD125C}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\avg\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\Smc.exe
Bonjour,
Nous sommes le jeudi 21/02 et pour l'instant j'ai reçu seulement 3 retour de mail
C'est super, mais cela est il normal de continuer d'en reçevoir ??
Nous sommes le jeudi 21/02 et pour l'instant j'ai reçu seulement 3 retour de mail
C'est super, mais cela est il normal de continuer d'en reçevoir ??
ComboFix 08-02-25.3 - bolo 2008-02-26 6:44:51.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.594 [GMT 1:00]
Endroit: C:\Documents and Settings\bolo\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-26 to 2008-02-26 ))))))))))))))))))))))))))))))))))))
.
2008-02-22 17:02 . 2008-02-22 17:05 136 --a------ C:\WINDOWS\system32\test.aok
2008-02-21 20:50 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll
2008-02-21 20:50 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll
2008-02-21 10:05 . 2008-02-21 10:05 20,848 --a------ C:\Documents and Settings\bolo\Application Data\GDIPFONTCACHEV1.DAT
2008-02-18 15:51 . 2008-02-18 21:09 1,292 --a------ C:\WINDOWS\mozver.dat
2008-02-17 12:25 . 2008-02-23 09:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-17 12:25 . 2008-02-17 12:25 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-17 12:21 . 2008-02-17 12:21 3,241 --a------ C:\WINDOWS\jrgtm16.ini
2008-02-17 12:21 . 2008-02-17 12:21 1,432 --a------ C:\WINDOWS\ckmc_rz16.ini
2008-02-14 16:52 . 2008-02-25 22:46 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2008-02-14 12:54 . 2004-03-08 23:00 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-02-13 13:52 . 2008-02-13 13:52 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 12:49 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-02-13 12:49 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-02-13 12:49 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-02-13 12:49 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-02-13 12:49 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-02-13 12:49 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-02-13 12:49 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-02-13 12:49 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-02-13 12:49 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-13 08:21 . 2008-02-23 11:48 <REP> d-------- C:\Documents and Settings\bolo\Application Data\DVD Flick
2008-02-13 08:20 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\mscomct2.ocx
2008-02-13 08:20 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\richtx32.ocx
2008-02-13 08:20 . 2000-05-19 17:56 81,920 --a------ C:\WINDOWS\system32\mbmouse.ocx
2008-02-13 08:20 . 2000-11-05 15:27 36,864 --a------ C:\WINDOWS\system32\trayicon.ocx
2008-02-13 07:46 . 2008-02-17 23:13 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-12 19:55 . 2008-02-12 19:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-12 19:15 . 2004-08-19 12:09 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-02-12 19:15 . 2004-08-19 12:09 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-02-12 15:12 . 2008-02-12 15:12 <REP> d-------- C:\Documents and Settings\bolo\Application Data\Grisoft
2008-02-12 15:11 . 2008-02-12 15:11 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-12 15:11 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-11 12:55 . 2008-02-12 22:56 <REP> d-------- C:\Documents and Settings\bolo\Application Data\OpenOffice.org2
2008-02-11 12:52 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-11 10:25 . 2008-02-23 10:03 <REP> d-------- C:\Documents and Settings\bolo\Application Data\dvdcss
2008-02-09 14:15 . 2008-02-09 14:15 <REP> d-------- C:\Program Files\MSXML 4.0
2008-02-09 14:07 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-02-09 13:18 . 2007-05-16 16:13 1,314,816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
2008-02-09 13:18 . 2007-10-29 23:43 1,293,824 -----c--- C:\WINDOWS\system32\dllcache\quartz.dll
2008-02-09 13:18 . 2007-05-16 16:13 510,976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2008-02-09 13:18 . 2007-05-16 16:13 85,504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2008-02-09 13:17 . 2007-10-25 17:56 8,510,976 -----c--- C:\WINDOWS\system32\dllcache\shell32.dll
2008-02-09 13:17 . 2007-08-21 07:17 683,520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-02-09 13:17 . 2006-08-14 11:34 332,928 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-02-09 13:16 . 2007-02-28 17:02 2,182,400 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,138,112 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,059,648 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,017,792 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-02-09 13:16 . 2007-04-23 11:32 364,160 -----c--- C:\WINDOWS\system32\dllcache\update.sys
2008-02-09 13:16 . 2007-10-30 18:20 360,064 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-02-09 13:16 . 2006-08-17 13:29 332,288 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-02-09 13:16 . 2007-06-19 14:32 282,112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-09 13:16 . 2006-10-13 13:36 65,536 -----c--- C:\WINDOWS\system32\dllcache\nwwks.dll
2008-02-09 13:15 . 2007-03-08 16:33 1,843,712 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-02-09 13:15 . 2007-03-08 16:37 578,560 -----c--- C:\WINDOWS\system32\dllcache\user32.dll
2008-02-09 13:15 . 2007-03-17 14:44 293,376 -----c--- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-02-09 13:15 . 2006-06-01 19:48 163,840 -----c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-02-09 13:15 . 2006-07-21 09:27 72,704 -----c--- C:\WINDOWS\system32\dllcache\hlink.dll
2008-02-09 13:15 . 2006-06-01 19:48 27,648 -----c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-02-09 13:13 . 2007-11-07 10:28 728,576 -----c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-02-09 13:13 . 2007-03-09 14:48 57,344 --a--c--- C:\WINDOWS\system32\dllcache\agentdpv.dll
2008-02-09 13:12 . 2006-05-05 10:41 453,120 -----c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-02-09 13:12 . 2006-05-05 10:47 174,592 -----c--- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-02-09 13:11 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-02-09 13:11 . 2007-01-23 20:31 546,304 -----c--- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-02-09 13:08 . 2006-12-07 06:29 2,374,472 -----c--- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-02-09 13:03 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-09 13:03 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-02-09 13:03 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-02-09 13:03 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-02-09 12:59 . 2008-02-09 12:59 <REP> d-------- C:\Documents and Settings\bolo\Application Data\AdobeUM
2008-02-09 10:53 . 2008-02-23 17:31 <REP> d-------- C:\Documents and Settings\bolo\Application Data\CopyToDvd
2008-02-09 10:36 . 2008-02-09 10:36 <REP> d-------- C:\Program Files\Fichiers communs\EZB Systems
2008-02-09 09:30 . 2008-02-26 06:43 <REP> d-------- C:\Documents and Settings\bolo\Application Data\GrabIt
2008-02-07 19:45 . 2008-02-07 19:45 <REP> d-------- C:\Program Files\Realtek AC97
2008-02-07 19:45 . 2006-11-17 05:40 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl
2008-02-07 19:45 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-02-07 19:45 . 2008-01-24 16:36 4,127,488 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2008-02-07 19:45 . 2007-04-16 15:28 577,536 --a------ C:\WINDOWS\soundman.exe
2008-02-07 19:45 . 2006-07-31 11:19 315,392 --a------ C:\WINDOWS\alcupd.exe
2008-02-07 19:45 . 2006-07-31 11:27 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2008-02-07 19:45 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-02-07 19:45 . 2002-02-05 13:54 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav
2008-02-07 19:45 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-02-07 19:34 . 2008-02-07 19:35 <REP> d-------- C:\Documents and Settings\bolo\Application Data\ma-config.com
2008-02-07 18:42 . 2008-02-07 18:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
2008-02-07 18:39 . 2005-02-25 00:00 46,080 --a------ C:\WINDOWS\system32\escimgd.dll
2008-02-07 18:39 . 2005-02-25 00:00 29,696 --a------ C:\WINDOWS\system32\escwiad.dll
2008-02-07 18:39 . 2005-02-25 00:00 22,016 --a------ C:\WINDOWS\system32\esccmd.dll
2008-02-07 18:39 . 2008-02-07 18:39 25 --a------ C:\WINDOWS\CDE DX4200EFGIPSD.ini
2008-02-07 18:36 . 2006-06-14 09:47 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-02-07 18:24 . 1998-11-13 13:16 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2008-02-07 18:24 . 2008-02-07 18:24 256 --a------ C:\WINDOWS\_delis32.ini
2008-02-07 18:17 . 2008-02-07 18:17 <REP> d-------- C:\WINDOWS\Applian FLV Player
2008-02-07 17:43 . 2008-02-07 17:43 <REP> d--hs---- C:\Documents and Settings\bolo\UserData
2008-02-06 23:17 . 2008-02-19 13:34 <REP> d-------- C:\Documents and Settings\bolo\Contacts
2008-02-06 23:14 . 2008-02-06 23:16 <REP> d-------- C:\Program Files\MSN Messenger
2008-02-06 23:09 . 2008-02-06 23:09 244 --ah----- C:\sqmnoopt01.sqm
2008-02-06 23:09 . 2008-02-06 23:09 232 --ah----- C:\sqmdata01.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-11 11:52 --------- d-----w C:\Program Files\Java
2008-02-09 11:56 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-07 21:49 --------- d-----w C:\Program Files\Eset
2008-02-07 18:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-07 17:42 --------- d-----w C:\Program Files\epson
2008-02-06 21:34 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Bluefive software
2008-02-06 21:03 --------- d-----w C:\Program Files\QuickTime
2008-02-05 22:56 290,419 ---h--w C:\Documents and Settings\Bruno\Application Data\TurboLaunch_IconCache.dat
2008-02-04 17:25 --------- d-----w C:\Documents and Settings\Bruno\Application Data\dvdcss
2008-02-03 09:31 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Vso
2008-01-30 19:05 --------- d-----w C:\Documents and Settings\Bruno\Application Data\TribalWeb
2008-01-22 19:11 --------- d-----w C:\Documents and Settings\Bruno\Application Data\U3
2008-01-18 08:54 47,360 ----a-w C:\Documents and Settings\Bruno\Application Data\pcouffin.sys
2008-01-18 08:54 --------- d-----w C:\Program Files\vso
2008-01-17 22:49 --------- d-----w C:\Documents and Settings\Bruno\Application Data\CopyToDvd
2008-01-10 16:40 --------- d-----w C:\Documents and Settings\Bruno\Application Data\AdobeUM
2008-01-01 15:30 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Apple Computer
2008-01-01 13:22 --------- d-----w C:\Program Files\iPod
2008-01-01 13:20 --------- d-----w C:\Program Files\Apple Software Update
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-04-04 13:43 87,608 ----a-w C:\Documents and Settings\Bruno\Application Data\ezpinst.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="D:\Program Files\CCleaner\ccleaner.exe" [2008-02-20 15:15 816368]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-06 20:28 921600]
"SmcService"="C:\PROGRA~1\Sygate\SPF\Smc.exe" [2003-01-21 14:55 2015303]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"nlsf"="cmd.exe" [2004-08-19 16:09 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]
C:\Documents and Settings\Bruno\Menu D‚marrer\Programmes\D‚marrage\
TribalWeb.lnk - D:\Program Files\TribalWeb.net\tribalweb.exe [2007-01-16 22:25:04 1077248]
C:\Documents and Settings\bolo\Menu D‚marrer\Programmes\D‚marrage\
TribalWeb.lnk - D:\Program Files\TribalWeb.net\tribalweb.exe [2007-01-16 22:25:04 1077248]
C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 06:46:40
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-26 6:47:09
.
2008-02-17 22:26:26 --- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.594 [GMT 1:00]
Endroit: C:\Documents and Settings\bolo\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-26 to 2008-02-26 ))))))))))))))))))))))))))))))))))))
.
2008-02-22 17:02 . 2008-02-22 17:05 136 --a------ C:\WINDOWS\system32\test.aok
2008-02-21 20:50 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll
2008-02-21 20:50 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll
2008-02-21 10:05 . 2008-02-21 10:05 20,848 --a------ C:\Documents and Settings\bolo\Application Data\GDIPFONTCACHEV1.DAT
2008-02-18 15:51 . 2008-02-18 21:09 1,292 --a------ C:\WINDOWS\mozver.dat
2008-02-17 12:25 . 2008-02-23 09:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-17 12:25 . 2008-02-17 12:25 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-17 12:21 . 2008-02-17 12:21 3,241 --a------ C:\WINDOWS\jrgtm16.ini
2008-02-17 12:21 . 2008-02-17 12:21 1,432 --a------ C:\WINDOWS\ckmc_rz16.ini
2008-02-14 16:52 . 2008-02-25 22:46 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2008-02-14 12:54 . 2004-03-08 23:00 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-02-13 13:52 . 2008-02-13 13:52 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 12:49 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-02-13 12:49 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-02-13 12:49 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-02-13 12:49 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-02-13 12:49 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-02-13 12:49 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-02-13 12:49 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-02-13 12:49 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-02-13 12:49 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-13 08:21 . 2008-02-23 11:48 <REP> d-------- C:\Documents and Settings\bolo\Application Data\DVD Flick
2008-02-13 08:20 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\mscomct2.ocx
2008-02-13 08:20 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\richtx32.ocx
2008-02-13 08:20 . 2000-05-19 17:56 81,920 --a------ C:\WINDOWS\system32\mbmouse.ocx
2008-02-13 08:20 . 2000-11-05 15:27 36,864 --a------ C:\WINDOWS\system32\trayicon.ocx
2008-02-13 07:46 . 2008-02-17 23:13 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-12 19:55 . 2008-02-12 19:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-12 19:15 . 2004-08-19 12:09 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-02-12 19:15 . 2004-08-19 12:09 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-02-12 15:12 . 2008-02-12 15:12 <REP> d-------- C:\Documents and Settings\bolo\Application Data\Grisoft
2008-02-12 15:11 . 2008-02-12 15:11 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-12 15:11 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-11 12:55 . 2008-02-12 22:56 <REP> d-------- C:\Documents and Settings\bolo\Application Data\OpenOffice.org2
2008-02-11 12:52 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-11 10:25 . 2008-02-23 10:03 <REP> d-------- C:\Documents and Settings\bolo\Application Data\dvdcss
2008-02-09 14:15 . 2008-02-09 14:15 <REP> d-------- C:\Program Files\MSXML 4.0
2008-02-09 14:07 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-02-09 13:18 . 2007-05-16 16:13 1,314,816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
2008-02-09 13:18 . 2007-10-29 23:43 1,293,824 -----c--- C:\WINDOWS\system32\dllcache\quartz.dll
2008-02-09 13:18 . 2007-05-16 16:13 510,976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2008-02-09 13:18 . 2007-05-16 16:13 85,504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2008-02-09 13:17 . 2007-10-25 17:56 8,510,976 -----c--- C:\WINDOWS\system32\dllcache\shell32.dll
2008-02-09 13:17 . 2007-08-21 07:17 683,520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-02-09 13:17 . 2006-08-14 11:34 332,928 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-02-09 13:16 . 2007-02-28 17:02 2,182,400 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,138,112 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,059,648 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-02-09 13:16 . 2007-02-28 17:02 2,017,792 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-02-09 13:16 . 2007-04-23 11:32 364,160 -----c--- C:\WINDOWS\system32\dllcache\update.sys
2008-02-09 13:16 . 2007-10-30 18:20 360,064 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-02-09 13:16 . 2006-08-17 13:29 332,288 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-02-09 13:16 . 2007-06-19 14:32 282,112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-09 13:16 . 2006-10-13 13:36 65,536 -----c--- C:\WINDOWS\system32\dllcache\nwwks.dll
2008-02-09 13:15 . 2007-03-08 16:33 1,843,712 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-02-09 13:15 . 2007-03-08 16:37 578,560 -----c--- C:\WINDOWS\system32\dllcache\user32.dll
2008-02-09 13:15 . 2007-03-17 14:44 293,376 -----c--- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-02-09 13:15 . 2006-06-01 19:48 163,840 -----c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-02-09 13:15 . 2006-07-21 09:27 72,704 -----c--- C:\WINDOWS\system32\dllcache\hlink.dll
2008-02-09 13:15 . 2006-06-01 19:48 27,648 -----c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-02-09 13:13 . 2007-11-07 10:28 728,576 -----c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2008-02-09 13:13 . 2007-03-09 14:48 57,344 --a--c--- C:\WINDOWS\system32\dllcache\agentdpv.dll
2008-02-09 13:12 . 2006-05-05 10:41 453,120 -----c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-02-09 13:12 . 2006-05-05 10:47 174,592 -----c--- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-02-09 13:11 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-02-09 13:11 . 2007-01-23 20:31 546,304 -----c--- C:\WINDOWS\system32\dllcache\hhctrl.ocx
2008-02-09 13:08 . 2006-12-07 06:29 2,374,472 -----c--- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-02-09 13:03 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-09 13:03 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-02-09 13:03 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-02-09 13:03 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-02-09 12:59 . 2008-02-09 12:59 <REP> d-------- C:\Documents and Settings\bolo\Application Data\AdobeUM
2008-02-09 10:53 . 2008-02-23 17:31 <REP> d-------- C:\Documents and Settings\bolo\Application Data\CopyToDvd
2008-02-09 10:36 . 2008-02-09 10:36 <REP> d-------- C:\Program Files\Fichiers communs\EZB Systems
2008-02-09 09:30 . 2008-02-26 06:43 <REP> d-------- C:\Documents and Settings\bolo\Application Data\GrabIt
2008-02-07 19:45 . 2008-02-07 19:45 <REP> d-------- C:\Program Files\Realtek AC97
2008-02-07 19:45 . 2006-11-17 05:40 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl
2008-02-07 19:45 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-02-07 19:45 . 2008-01-24 16:36 4,127,488 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2008-02-07 19:45 . 2007-04-16 15:28 577,536 --a------ C:\WINDOWS\soundman.exe
2008-02-07 19:45 . 2006-07-31 11:19 315,392 --a------ C:\WINDOWS\alcupd.exe
2008-02-07 19:45 . 2006-07-31 11:27 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2008-02-07 19:45 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-02-07 19:45 . 2002-02-05 13:54 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav
2008-02-07 19:45 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-02-07 19:34 . 2008-02-07 19:35 <REP> d-------- C:\Documents and Settings\bolo\Application Data\ma-config.com
2008-02-07 18:42 . 2008-02-07 18:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
2008-02-07 18:39 . 2005-02-25 00:00 46,080 --a------ C:\WINDOWS\system32\escimgd.dll
2008-02-07 18:39 . 2005-02-25 00:00 29,696 --a------ C:\WINDOWS\system32\escwiad.dll
2008-02-07 18:39 . 2005-02-25 00:00 22,016 --a------ C:\WINDOWS\system32\esccmd.dll
2008-02-07 18:39 . 2008-02-07 18:39 25 --a------ C:\WINDOWS\CDE DX4200EFGIPSD.ini
2008-02-07 18:36 . 2006-06-14 09:47 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-02-07 18:24 . 1998-11-13 13:16 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2008-02-07 18:24 . 2008-02-07 18:24 256 --a------ C:\WINDOWS\_delis32.ini
2008-02-07 18:17 . 2008-02-07 18:17 <REP> d-------- C:\WINDOWS\Applian FLV Player
2008-02-07 17:43 . 2008-02-07 17:43 <REP> d--hs---- C:\Documents and Settings\bolo\UserData
2008-02-06 23:17 . 2008-02-19 13:34 <REP> d-------- C:\Documents and Settings\bolo\Contacts
2008-02-06 23:14 . 2008-02-06 23:16 <REP> d-------- C:\Program Files\MSN Messenger
2008-02-06 23:09 . 2008-02-06 23:09 244 --ah----- C:\sqmnoopt01.sqm
2008-02-06 23:09 . 2008-02-06 23:09 232 --ah----- C:\sqmdata01.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-11 11:52 --------- d-----w C:\Program Files\Java
2008-02-09 11:56 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-07 21:49 --------- d-----w C:\Program Files\Eset
2008-02-07 18:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-07 17:42 --------- d-----w C:\Program Files\epson
2008-02-06 21:34 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Bluefive software
2008-02-06 21:03 --------- d-----w C:\Program Files\QuickTime
2008-02-05 22:56 290,419 ---h--w C:\Documents and Settings\Bruno\Application Data\TurboLaunch_IconCache.dat
2008-02-04 17:25 --------- d-----w C:\Documents and Settings\Bruno\Application Data\dvdcss
2008-02-03 09:31 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Vso
2008-01-30 19:05 --------- d-----w C:\Documents and Settings\Bruno\Application Data\TribalWeb
2008-01-22 19:11 --------- d-----w C:\Documents and Settings\Bruno\Application Data\U3
2008-01-18 08:54 47,360 ----a-w C:\Documents and Settings\Bruno\Application Data\pcouffin.sys
2008-01-18 08:54 --------- d-----w C:\Program Files\vso
2008-01-17 22:49 --------- d-----w C:\Documents and Settings\Bruno\Application Data\CopyToDvd
2008-01-10 16:40 --------- d-----w C:\Documents and Settings\Bruno\Application Data\AdobeUM
2008-01-01 15:30 --------- d-----w C:\Documents and Settings\Bruno\Application Data\Apple Computer
2008-01-01 13:22 --------- d-----w C:\Program Files\iPod
2008-01-01 13:20 --------- d-----w C:\Program Files\Apple Software Update
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-04-04 13:43 87,608 ----a-w C:\Documents and Settings\Bruno\Application Data\ezpinst.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="D:\Program Files\CCleaner\ccleaner.exe" [2008-02-20 15:15 816368]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-06 20:28 921600]
"SmcService"="C:\PROGRA~1\Sygate\SPF\Smc.exe" [2003-01-21 14:55 2015303]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"nlsf"="cmd.exe" [2004-08-19 16:09 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]
C:\Documents and Settings\Bruno\Menu D‚marrer\Programmes\D‚marrage\
TribalWeb.lnk - D:\Program Files\TribalWeb.net\tribalweb.exe [2007-01-16 22:25:04 1077248]
C:\Documents and Settings\bolo\Menu D‚marrer\Programmes\D‚marrage\
TribalWeb.lnk - D:\Program Files\TribalWeb.net\tribalweb.exe [2007-01-16 22:25:04 1077248]
C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 06:46:40
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-26 6:47:09
.
2008-02-17 22:26:26 --- E O F ---
