My PC does not work in normal mode
jon972_1 (posts: 5, status: Member)
jlpjlp (posts: 52399, status: Security contributor)
Hello,
I have a big problem with my computer. When I start it in normal mode the desktop appears but everything is slowed down; I can hardly do anything, and in the end I am forced to switch it off by pressing the button on the tower.
Safe mode works, but I cannot install an anti-spyware tool (such as Ad-Aware) or any other software that would let me find a virus, System Restore does not work, Spybot finds no spyware, I really don't understand...
I ran a scan with HijackThis; here is the result:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:02:38, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = yahoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C0A7F9B4-5F16-0839-4EFB-B1A7ABDBDC3A} - (no file)
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\WINDOWS\system32\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Centre de Sécurité Windows 1.20] C:\WINDOWS\system32\DBR120\DXW1\services.exe
O4 - HKLM\..\Run: [Centre de Sécurité Windows 1.16] C:\WINDOWS\system32\DBR116\DB1\services.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [16ball32meta] C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\jojo\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MSN Webcam Recorder] "C:\Program Files\MSN Webcam Recorder\ml20gui.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Micro Application Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet3_88.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab55200.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
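A log of this size is easier to review once the entries that deserve a second look are separated from the rest. The following triage pass is an added example, not part of the original post or of HijackThis itself; the rule labels, the `triage` function and the list of system binaries are assumptions made for illustration, and a flagged line is a prompt for review, not a verdict.

```python
import re
from ntpath import basename, dirname  # parses Windows paths on any OS

# Entries copied verbatim from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Centre de Sécurité Windows 1.20] C:\WINDOWS\system32\DBR120\DXW1\services.exe
O4 - HKLM\..\Run: [16ball32meta] C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet3_88.dll' missing
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
"""

# "<section code> - <entry text>", e.g. "O4 - HKLM\..\Run: [name] path"
ENTRY = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# First drive-letter path ending in .exe or .dll inside the entry text.
PATH = re.compile(r"""[A-Za-z]:\\[^"']*?\.(?:exe|dll)(?![A-Za-z0-9])""", re.I)
# Registry entry still present although its target file is gone.
ORPHAN = re.compile(r"\((?:no file|file missing)\)|' missing$")

# Core Windows XP process names and the folder they normally load from.
# Assumes Windows is installed in C:\WINDOWS, as in the log above.
SYSTEM_BINARIES = {
    "smss.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

# Folders any user-level process can write to (long and 8.3 short names).
USER_WRITABLE = ("\\application data\\", "\\applic~1\\",
                 "\\temp\\", "\\locals~1\\")


def triage(log_text):
    """Return (section code, [rule labels], line) for entries worth reviewing."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY.match(line)
        if not match:
            continue  # header, process list or blank line
        code, body = match.group("code"), match.group("body")
        reasons = []

        if ORPHAN.search(body):
            reasons.append("orphaned-entry")

        found = PATH.search(body)
        if found:
            path = found.group(0).lower()
            expected = SYSTEM_BINARIES.get(basename(path))
            # A system process name loaded from any other folder is a
            # common masquerading pattern.
            if expected and dirname(path) != expected:
                reasons.append("system-name-outside-system-dir")
            # Autoruns (section O4) that start from a user-writable folder.
            if code == "O4" and any(d in path for d in USER_WRITABLE):
                reasons.append("autorun-from-user-writable-dir")

        if reasons:
            findings.append((code, reasons, line))
    return findings


if __name__ == "__main__":
    for code, reasons, line in triage(SAMPLE_LOG):
        print(f"[{', '.join(reasons)}] {line}")
```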
14 replies
Hi,
you should only have AVG 7 or avast on your computer
_____________
Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in safe mode using the following procedure:
• Restart your computer
• After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of the normal Windows load, a menu with various options should appear.
• Choose the first option, to run Windows in safe mode, then press "Enter".
• Choose your account.
Work through the list of instructions below:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• Your system will take longer than usual to restart because the tool will keep running and deleting files.
• Once the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
• Finally, copy and paste the contents of the Report.txt file into your next reply on the forum
______________
Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !
Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
_________________
fais un scan en ligne en mode sans echec
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
secuser en ligne :
http://www.secuser.com/outils/antivirus.htm
thanks a lot for your replies, I'm going to try what you told me, jlpjlp
I'll tell you if it worked
PS: my computer slows down a little in safe mode, but normal mode bugs out so much that I have to switch off the tower every time
SDFix: Version 1.162
Run by Administrateur on 26/03/2008 at 22:49
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\ADMINI~1\Bureau\SDFix
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
here is the SDFix report. I haven't had time yet for the other solutions; I'll look at all that tomorrow and post the reports tomorrow as soon as I can. Thanks again for your help, see you tomorrow
BitDefender Online Scanner
Rapport d'analyse généré à: Thu, Mar 27, 2008 - 21:01:40
Voie d'analyse: A:\;C:\;D:\;E:\;G:\;H:\;I:\;J:\;K:\;
Statistiques
Temps: 01:48:45
Fichiers: 73452
Directoires: 11081
Secteurs de boot: 2
Archives: 1343
Paquets programmes: 5096
Résultats
Virus identifiés: 9
Fichiers infectés: 18
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 18
Info sur les moteurs
Définition virus: 1034431
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 16
Archive des plugins: 41
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 5
Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Fichier analysé
Statut
C:\Documents and Settings\jojo\Bureau\mspass.exe
Détecté avec: Application.Tool.232
C:\Documents and Settings\jojo\Bureau\mspass.exe
Echec de la désinfection
C:\Documents and Settings\jojo\Bureau\mspass.exe
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)=>lzma_solid_nsis0005
Détecté avec: Adware.NaviPromo.BYC
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)=>lzma_solid_nsis0005
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Détecté avec: Adware.NaviPromo.BYC
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(2).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0005
Détecté avec: Adware.Navipromo.BYN
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0005
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0009
Détecté avec: Adware.SpywareSecure.D
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0009
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Détecté avec: Adware.Navipromo.BYN
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup(3).exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)=>lzma_solid_nsis0005
Détecté avec: Adware.NaviPromo.BYC
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)=>lzma_solid_nsis0005
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)
Echec de la mise à jour
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Détecté avec: Adware.NaviPromo.BYC
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)=>lzma_solid_nsis0002
Supprimé
C:\Documents and Settings\marie\Bureau\SpywareSecure_trial_setup.exe=>(NSIS 2o)=>lzma_solid_nsis0013=>(NSIS g)
Echec de la mise à jour
C:\Program Files\Mail PassView\mailpv.exe
Détecté avec: Spyware.Pws.Mailpass.D
C:\Program Files\Mail PassView\mailpv.exe
Supprimé
C:\Program Files\Softwin\BitDefender Free Edition\Infected\InternetGameBox_setup.exe
Détecté avec: Adware.Navipromo.BYD
C:\Program Files\Softwin\BitDefender Free Edition\Infected\InternetGameBox_setup.exe
Echec de la désinfection
C:\Program Files\Softwin\BitDefender Free Edition\Infected\InternetGameBox_setup.exe
Supprimé
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008067.exe
Détecté avec: Application.Tool.232
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008067.exe
Echec de la désinfection
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008067.exe
Supprimé
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008068.exe
Détecté avec: Spyware.Pws.Mailpass.D
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008068.exe
Supprimé
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008069.exe
Détecté avec: Adware.Navipromo.BYD
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008069.exe
Echec de la désinfection
C:\System Volume Information\_restore{919663DF-F899-4493-9E00-68FF9C37EB48}\RP3\A0008069.exe
Supprimé
C:\WINDOWS\system32\securitycenter_11893497454007.exe
Infecté par: Generic.Malware.SL!.6BF49FD4
C:\WINDOWS\system32\securitycenter_11893497454007.exe
Echec de la désinfection
C:\WINDOWS\system32\securitycenter_11893497454007.exe
Supprimé
C:\WINDOWS\system32\securitycenter_11893499754336.exe
Infecté par: Generic.Malware.SL!.6BF49FD4
C:\WINDOWS\system32\securitycenter_11893499754336.exe
Echec de la désinfection
C:\WINDOWS\system32\securitycenter_11893499754336.exe
Supprimé
C:\WINDOWS\system32\securitycenter_11893504783966.exe
Infecté par: Generic.Malware.SL!.6BF49FD4
C:\WINDOWS\system32\securitycenter_11893504783966.exe
Echec de la désinfection
C:\WINDOWS\system32\securitycenter_11893504783966.exe
Supprimé
C:\WINDOWS\system32\securitycenter_11905436696630.exe
Infecté par: Generic.Malware.SL!.5B241E49
C:\WINDOWS\system32\securitycenter_11905436696630.exe
Echec de la désinfection
C:\WINDOWS\system32\securitycenter_11905436696630.exe
Supprimé
C:\WINDOWS\system32\securitycenter_11905485016938.exe
Infecté par: BehavesLike:Win32.IRC-Backdoor
C:\WINDOWS\system32\securitycenter_11905485016938.exe
Echec de la désinfection
C:\WINDOWS\system32\securitycenter_11905485016938.exe
Supprimé
here is the BitDefender online report.
as for the SDFix report, I think it is complete; that is all that is written in the report.txt file
there you go, tell me what you think of the BitDefender report, thanks, see you
Download ComboFix by sUBs: rename it before any installation, for example, name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic
Double-click combofix. It will ask you a question; answer by pressing 1 and then Enter to confirm, and let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.
______________
you have a Spyware Secure infection
run navilog:
Right-click this link: (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation is finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)
Let it guide you. At the main menu, choose 1 and confirm.
(do not choose 2, 3 or 4 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole report into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)
Search Navipromo version 3.5.1 commencé le 30/03/2008 à 12:20:37,62
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "jojo"
Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Executé en mode sans échec
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***
*** Recherche dossiers dans "C:\Documents and Settings\jojo\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\jojo\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\jojo\menud+~1\progra~1" ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans "C:\Documents and Settings\jojo\locals~1\applic~1" *
* Recherche dans "C:\docume~1\Administrateur\locals~1\applic~1" *
* Recherche dans "C:\docume~1\Invité\locals~1\applic~1" *
* Recherche dans "C:\docume~1\Invité.JONATHAN\locals~1\applic~1" *
* Recherche dans "C:\docume~1\marie\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans C:\WINDOWS\system32 :
* Dans "C:\Documents and Settings\jojo\locals~1\applic~1" :
* Dans "C:\docume~1\Administrateur\locals~1\applic~1" :
* Dans "C:\docume~1\Invité\locals~1\applic~1" :
* Dans "C:\docume~1\Invité.JONATHAN\locals~1\applic~1" :
* Dans "C:\docume~1\marie\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 30/03/2008 à 12:42:29,60 ***
there you go
run navilog again with option 2
_______________
Download ComboFix by sUBs: rename it before any installation, for example, name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic
Double-click combofix. It will ask you a question; answer by pressing 1 and then Enter to confirm, and let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.
________________
still having problems????
paste a new HijackThis log and a new BitDefender report
see you
ComboFix 08-03-29.1 - jojo 2008-03-30 14:44:08.3 - NTFSx86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.295 [GMT 2:00]
Endroit: C:\Documents and Settings\jojo\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
-- Script messages for sUBs --
VFind -tf "C:\WINDOWS\system32\insatll.~tmp"
((((((((((((((((((((((((((((( Fichiers créés 2008-02-28 to 2008-03-30 ))))))))))))))))))))))))))))))))))))
.
2008-03-29 22:53 . 2008-03-30 14:41 <REP> d-------- C:\Program Files\Navilog1
2008-03-27 19:59 . 2008-03-27 22:01 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-03-26 23:45 . 2008-03-26 23:46 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-26 22:01 . 2008-03-26 22:01 <REP> d-------- C:\Program Files\Trend Micro
2008-03-23 17:05 . 2008-03-23 18:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-23 17:00 . 2008-03-23 17:02 <REP> d-------- C:\WINDOWS\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-03-16 12:01 . 2008-03-16 12:01 <REP> d-------- C:\Documents and Settings\jojo\Application Data\Lavasoft
2008-03-15 23:58 . 2008-03-15 23:58 389 --a------ C:\WINDOWS\wininit.ini
2008-03-15 23:01 . 2008-03-15 23:01 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-15 23:01 . 2008-03-15 23:01 2,547 --a------ C:\WINDOWS\unins000.dat
2008-03-13 21:51 . 2008-03-30 14:31 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-09 19:22 . 2006-06-07 16:26 67,384 --a------ C:\WINDOWS\system32\drivers\btwusb.sys
2008-03-09 03:36 . 2008-03-09 03:36 <REP> d-------- C:\WINDOWS\system32\SYNC_1204845569_130904
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-09 03:35 . 2008-03-09 03:35 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-03-09 03:32 . 2008-03-09 03:32 <REP> d-------- C:\WINDOWS\system32\SYNC_1204718176_110556
2008-03-09 03:32 . 2008-03-09 03:32 <REP> d-------- C:\WINDOWS\system32\SYNC_1204661694_128184
2008-03-08 01:10 . 2005-05-27 09:31 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2008-03-07 01:32 . 2008-03-19 16:21 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2008-03-07 01:19 . 2008-03-07 01:19 16,384 --a------ C:\WINDOWS\system32\securitycenter_12048455695828.exe
2008-03-07 01:04 . 2008-03-07 01:04 <REP> d-------- C:\Documents and Settings\marie\Application Data\ItsLabel
2008-03-07 01:03 . 2008-03-07 01:03 <REP> d-------- C:\Documents and Settings\marie\Application Data\EoRezo
2008-03-07 00:29 . 2008-03-09 03:29 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-07 00:29 . 2008-03-09 03:35 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-07 00:29 . 2008-03-09 03:29 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-07 00:29 . 2008-03-26 23:48 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-05 15:45 . 2007-12-04 15:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-05 15:45 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-05 15:45 . 2007-12-04 14:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-05 15:45 . 2007-12-04 16:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-05 15:45 . 2007-12-04 16:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-05 15:45 . 2007-12-04 16:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-05 15:45 . 2007-12-04 16:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-05 15:45 . 2007-12-04 16:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-05 15:14 . 2008-03-05 15:14 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-03-05 15:10 . 2008-03-09 03:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-03-05 13:56 . 2008-03-05 13:56 16,384 --a------ C:\WINDOWS\system32\securitycenter_12047181766295.exe
2008-03-05 07:25 . 2008-03-05 07:25 <REP> d-------- C:\Documents and Settings\jojo\Application Data\ItsLabel
2008-03-05 01:47 . 2008-03-05 01:47 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046744568146.exe
2008-03-05 00:49 . 2008-03-23 15:48 <REP> d-------- C:\Program Files\EoRezo
2008-03-05 00:49 . 2008-03-23 15:48 <REP> d-------- C:\Documents and Settings\jojo\Application Data\EoRezo
2008-03-04 22:14 . 2008-03-04 22:14 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046616941941.exe
2008-03-04 16:00 . 2008-03-04 16:00 <REP> d-------- C:\WINDOWS\system32\SYNC_1204639246_103676
2008-03-04 16:00 . 2008-03-04 16:00 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046392462013.exe
2008-03-04 15:50 . 2008-03-04 15:50 <REP> d-------- C:\WINDOWS\system32\SYNC_1204638619_111107
2008-03-04 15:50 . 2008-03-04 15:50 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046386195649.exe
2008-03-04 14:56 . 2008-03-04 14:56 <REP> d-------- C:\WINDOWS\system32\SYNC_1204635378_127767
2008-03-04 14:56 . 2008-03-04 14:56 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046353789646.exe
2008-03-04 14:52 . 2008-03-04 14:52 <REP> d-------- C:\WINDOWS\system32\SYNC_1204635174_119733
2008-03-04 14:52 . 2008-03-04 14:52 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046351745578.exe
2008-03-04 00:23 . 2008-03-04 00:23 <REP> d-------- C:\WINDOWS\system32\SYNC_1204583012_102610
2008-03-04 00:23 . 2008-03-04 00:23 81,920 --a------ C:\WINDOWS\system32\securitycenter_12045830124364.exe
2008-03-04 00:04 . 2008-03-04 00:04 <REP> d-------- C:\WINDOWS\system32\SYNC_1204581898_128620
2008-03-04 00:04 . 2008-03-04 00:04 81,920 --a------ C:\WINDOWS\system32\securitycenter_12045818563544.exe
2008-03-03 23:33 . 2008-03-03 23:33 <REP> d-------- C:\WINDOWS\system32\SYNC_1204579995_100307
2008-03-03 23:32 . 2008-03-03 23:32 16,384 --a------ C:\WINDOWS\system32\securitycenter_12045799756420.exe
2008-03-03 22:42 . 2008-03-03 22:42 <REP> d-------- C:\WINDOWS\system32\SYNC_1204576967_120155
2008-03-03 22:42 . 2008-03-03 22:42 16,384 --a------ C:\WINDOWS\system32\securitycenter_12045769673135.exe
2008-03-03 22:14 . 2008-03-03 22:14 <REP> d-------- C:\WINDOWS\system32\SYNC_1204575291_109388
2008-03-03 22:14 . 2008-03-03 22:14 167,936 --a------ C:\WINDOWS\system32\securitycenter_12045752914211.exe
2008-03-03 21:56 . 2008-03-03 21:56 81,920 --a------ C:\WINDOWS\system32\securitycenter_12045741593517.exe
2008-03-03 21:55 . 2008-03-03 21:55 <REP> d-------- C:\WINDOWS\system32\SYNC_1204574159_107913
2008-03-03 20:20 . 2008-03-03 20:20 <REP> d-------- C:\WINDOWS\system32\SYNC_1204568429_124985
2008-03-03 20:19 . 2008-03-03 20:19 16,384 --a------ C:\WINDOWS\system32\securitycenter_12045683965153.exe
2008-03-03 15:29 . 2008-03-03 15:29 <REP> d-------- C:\WINDOWS\system32\SYNC_1204550971_109410
2008-03-03 15:29 . 2008-03-03 15:29 16,384 --a------ C:\WINDOWS\system32\securitycenter_12045509717427.exe
2008-03-03 15:26 . 2008-03-03 15:26 <REP> d-------- C:\WINDOWS\system32\SYNC_1204550770_102965
2008-03-03 15:26 . 2008-03-03 15:26 20,480 --a------ C:\WINDOWS\system32\securitycenter_12045507708975.exe
2008-03-03 15:22 . 2008-03-03 15:22 <REP> d-------- C:\WINDOWS\system32\SYNC_1204550576_103654
2008-03-03 15:22 . 2008-03-03 15:22 20,480 --a------ C:\WINDOWS\system32\securitycenter_12045505779950.exe
2008-03-03 00:40 . 2008-03-03 00:40 <REP> d-------- C:\WINDOWS\system32\SYNC_1204497600_123519
2008-03-03 00:40 . 2008-03-03 00:40 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044976011456.exe
2008-03-02 23:06 . 2008-03-02 23:06 <REP> d-------- C:\WINDOWS\system32\SYNC_1204492010_120729
2008-03-02 23:06 . 2008-03-02 23:06 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044920105163.exe
2008-03-02 22:52 . 2008-03-02 22:52 <REP> d-------- C:\WINDOWS\system32\SYNC_1204491127_123785
2008-03-02 22:52 . 2008-03-02 22:52 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044911289997.exe
2008-03-02 17:45 . 2008-03-02 17:45 167,936 --a------ C:\WINDOWS\system32\securitycenter_12044727009444.exe
2008-03-02 17:42 . 2008-03-02 17:42 <REP> d-------- C:\WINDOWS\system32\SYNC_1204472534_115525
2008-03-02 17:29 . 2008-03-02 17:29 167,936 --a------ C:\WINDOWS\system32\securitycenter_12044717889540.exe
2008-03-02 17:28 . 2008-03-02 17:28 <REP> d-------- C:\WINDOWS\system32\SYNC_1204471705_131972
2008-03-02 17:25 . 2008-03-02 17:25 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044715421082.exe
2008-03-02 17:24 . 2008-03-02 17:24 <REP> d-------- C:\WINDOWS\system32\SYNC_1204471440_127267
2008-03-02 17:18 . 2008-03-02 17:18 167,936 --a------ C:\WINDOWS\system32\securitycenter_12044711154614.exe
2008-03-02 17:17 . 2008-03-02 17:17 <REP> d-------- C:\WINDOWS\system32\SYNC_1204471038_115266
2008-03-02 17:14 . 2008-03-02 17:14 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044708621871.exe
2008-03-02 17:13 . 2008-03-02 17:13 <REP> d-------- C:\WINDOWS\system32\SYNC_1204470823_128833
2008-03-02 16:55 . 2008-03-02 16:55 <REP> d-------- C:\WINDOWS\system32\SYNC_1204469735_104270
2008-03-02 16:55 . 2008-03-02 16:55 20,480 --a------ C:\WINDOWS\system32\securitycenter_12044697549715.exe
2008-03-02 16:51 . 2008-03-02 16:51 <REP> d-------- C:\WINDOWS\system32\SYNC_1204469471_103517
2008-03-02 16:51 . 2008-03-02 16:51 16,384 --a------ C:\WINDOWS\system32\securitycenter_12044694823193.exe
2008-03-02 16:23 . 2008-03-02 16:23 81,920 --a------ C:\WINDOWS\system32\securitycenter_12044677831125.exe
2008-03-02 16:22 . 2008-03-02 16:22 <REP> d-------- C:\WINDOWS\system32\SYNC_1204467778_128339
2008-03-02 16:17 . 2008-03-02 16:17 81,920 --a------ C:\WINDOWS\system32\securitycenter_12044674344205.exe
2008-03-02 16:08 . 2008-03-02 16:08 <REP> d-------- C:\WINDOWS\system32\SYNC_1204466892_127130
2008-03-02 16:02 . 2008-03-02 16:02 <REP> d-------- C:\WINDOWS\system32\SYNC_1204466557_113418
2008-03-02 16:01 . 2008-03-02 16:01 20,480 --a------ C:\WINDOWS\system32\securitycenter_12044664701002.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 18:55 --------- d-----w C:\Program Files\Mail PassView
2008-03-26 19:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-23 15:06 --------- d-----w C:\Program Files\Lavasoft
2008-03-22 21:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-15 21:19 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-15 19:42 --------- d-----w C:\Documents and Settings\jojo\Application Data\LimeWire
2008-03-09 01:33 --------- d-----w C:\Program Files\Fichiers communs\Softwin
2008-03-05 15:24 139,776 ----a-w C:\WINDOWS\Internet Logs\xDBDF.tmp
2008-03-05 13:14 --------- d-----w C:\Program Files\Softwin
2008-03-05 08:00 183,296 ----a-w C:\WINDOWS\Internet Logs\xDBDE.tmp
2008-03-05 07:54 44,424 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2008_03_05_08_54_18_small.dmp.zip
2008-02-28 12:12 38,817 ----a-w C:\report.zip
2008-02-19 00:01 --------- d-----w C:\Program Files\Azureus
2008-02-07 23:10 460,800 ----a-w C:\WINDOWS\Internet Logs\xDBDB.tmp
2008-02-07 23:10 1,497,088 ----a-w C:\WINDOWS\Internet Logs\xDBDD.tmp
2008-02-07 20:02 55,808 ----a-w C:\WINDOWS\Internet Logs\xDBDC.tmp
2008-02-07 19:28 75,264 ----a-w C:\WINDOWS\Internet Logs\xDBDA.tmp
2008-02-07 19:04 2,828,800 ----a-w C:\WINDOWS\Internet Logs\xDBFD.tmp
2008-02-07 19:04 1,494,016 ----a-w C:\WINDOWS\Internet Logs\xDBFE.tmp
2008-02-07 18:58 15,832,521 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2008_02_04_22_08_52_full.dmp.zip
2008-01-31 21:55 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018165109057.exe
2008-01-31 21:21 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018145089976.exe
2008-01-31 21:12 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018139505158.exe
2008-01-31 20:53 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018128301886.exe
2008-01-31 19:51 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018090926021.exe
2008-01-31 19:01 2,947,584 ----a-w C:\WINDOWS\Internet Logs\xDBD8.tmp
2008-01-31 19:01 1,523,200 ----a-w C:\WINDOWS\Internet Logs\xDBD9.tmp
2008-01-31 18:47 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018052305786.exe
2008-01-31 17:25 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018003514959.exe
2008-01-31 16:40 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017976288415.exe
2008-01-31 16:04 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017954461465.exe
2008-01-31 15:38 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017939063397.exe
2008-01-31 15:01 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017917077720.exe
2008-01-31 14:26 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017895824668.exe
2008-01-31 12:57 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017842623380.exe
2008-01-31 12:28 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017825341843.exe
2008-01-31 01:29 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017429769152.exe
2008-01-30 21:32 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017287318035.exe
2008-01-30 18:48 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017189306807.exe
2008-01-30 18:39 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017183776410.exe
2008-01-30 18:17 --------- d-----w C:\Program Files\SM
2008-01-30 18:10 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017166003684.exe
2008-01-30 18:06 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017164024767.exe
2008-01-30 17:59 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017159971504.exe
2008-01-30 17:48 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017153029994.exe
2008-01-30 17:27 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017140572423.exe
2008-01-30 14:28 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017033173635.exe
2008-01-30 14:13 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017024354471.exe
2008-01-30 14:11 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017023171727.exe
2008-01-30 14:10 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017022599678.exe
2008-01-30 12:50 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016974363696.exe
2008-01-30 12:37 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12016966721700.exe
2008-01-30 00:00 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016512538556.exe
2008-01-29 23:07 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016480258186.exe
2008-01-29 23:04 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016478766611.exe
2008-01-29 22:52 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016471303877.exe
2008-01-29 20:59 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12016403733953.exe
2008-01-29 20:08 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016373203736.exe
2008-01-29 20:04 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016370864498.exe
2008-01-28 00:47 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014812394814.exe
2008-01-27 20:39 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014663715909.exe
2008-01-27 20:07 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014644545577.exe
2008-01-27 19:25 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014619378781.exe
2008-01-27 19:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014607914255.exe
2008-01-27 19:03 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014606109922.exe
2008-01-27 18:33 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014588112107.exe
2008-01-27 18:12 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014575704388.exe
2008-01-27 17:56 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014565898920.exe
2008-01-26 21:46 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12013839722028.exe
2008-01-26 20:52 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013807753675.exe
2008-01-26 20:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013780087430.exe
2008-01-26 19:57 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013774617459.exe
2008-01-26 17:31 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013686888648.exe
2008-01-26 13:36 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013546101780.exe
2008-01-26 13:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013545531746.exe
2008-01-26 12:40 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013512408845.exe
2008-01-25 21:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012951994875.exe
2008-01-25 20:49 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012941479721.exe
2008-01-25 19:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012900923749.exe
2008-01-24 20:53 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012080145656.exe
2008-01-24 20:20 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012060277920.exe
2008-01-24 18:15 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011985531567.exe
2008-01-24 17:56 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011973933758.exe
2008-01-24 17:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011961332259.exe
2008-01-24 17:20 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011952312392.exe
2008-01-24 15:15 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011876994831.exe
2008-01-24 14:56 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011865738803.exe
2008-01-24 13:53 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011827939004.exe
2008-01-24 13:41 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011820696749.exe
2008-01-24 13:08 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011801067567.exe
2008-01-24 11:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011749052775.exe
2008-01-24 00:20 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011340293884.exe
2008-01-23 23:58 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011326905880.exe
2008-01-23 21:11 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011226681607.exe
2008-01-23 21:09 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011225575617.exe
2008-01-23 21:05 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011223045274.exe
2008-01-23 21:03 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011222216679.exe
2008-01-23 20:54 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011216713206.exe
2008-01-23 20:21 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011196877341.exe
2008-01-23 20:03 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011186208925.exe
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 -csha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 -csha-r C:\WINDOWS\x2.64.exe
2005-10-07 17:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2007-02-03 15:07 8 --sha-r C:\WINDOWS\system32\D26A0750DE.sys
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2007-02-03 15:27 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
------- Sigcheck -------
2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2004-08-05 05:00 578048 e46fb493e3b33704f0715020cf52106b C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\dllcache\user32.dll
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-05 05:00 1884672 90e794c5d2d368686fe71b4a0354462c C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-29_22.25.24.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0A7F9B4-5F16-0839-4EFB-B1A7ABDBDC3A}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"Steam"="c:\valve\steam\steam.exe" [2007-12-31 18:36 1266936]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [ ]
"MSN Webcam Recorder"="C:\Program Files\MSN Webcam Recorder\ml20gui.exe" [2006-01-31 02:14 131072]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2005-08-31 20:27 1658592]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"book ante"="C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-09-13 18:24 39424]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52 36975]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-06-05 21:34 77824]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LVCOMS"="C:\WINDOWS\system32\LVCOMS.EXE" [ ]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"ItsTV"="C:\Program Files\EoRezo\EoWeather\ItsTV.exe" [2007-04-26 17:19 2908160]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"EoWeather"="" []
"Centre de Sécurité Windows 1.20"="C:\WINDOWS\system32\DBR120\DXW1\services.exe" [2007-12-28 22:34 712704]
"Centre de Sécurité Windows 1.16"="C:\WINDOWS\system32\DBR116\DB1\services.exe" [2007-09-06 12:06 610304]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"AudioDeck"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe" [2006-11-02 16:57 528384]
"ATIPTA"="" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"16ball32meta"="C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [ ]
"SDFix"="C:\DOCUME~1\ADMINI~1\Bureau\SDFix\RunThis.bat /second" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
C:\Documents and Settings\jojo\Menu Démarrer\Programmes\Démarrage\
SM.lnk - C:\Program Files\SM\skymessnet.exe [2007-09-28 09:42:08 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 11:10 143360 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
C:\WINDOWS\zonecl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
S1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys []
S2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
S2 PPPoESupport;Support du transport PPPoE;"C:\WINDOWS\system32\DBR120\DXW2\svchost.exe" -service []
S2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 09:11]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 17:10]
S3 DMSKSSRh;DMSKSSRh;C:\DOCUME~1\jojo\LOCALS~1\Temp\DMSKSSRh.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52da2faa-9b7d-11dc-b2c0-000d877c01b6}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca45e12-fffc-11db-b26d-000d877c01b6}]
\Shell\AutoRun\command - L:\Installer.exe
*Newly Created Service* - LBEEPKE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-25 07:30:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-25 15:01:38 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-30 14:48:37
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
Temps d'accomplissement: 2008-03-30 14:50:46
ComboFix-quarantined-files.txt 2008-03-30 12:50:19
ComboFix2.txt 2008-03-29 21:26:06
Pre-Run: 2,864,160,768 octets libres
Post-Run: 2,855,546,880 octets libres
.
2007-12-09 19:07:22 --- E O F ---
ComboFix 08-03-29.1 - jojo 2008-03-30 14:44:08.3 - NTFSx86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.295 [GMT 2:00]
Endroit: C:\Documents and Settings\jojo\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
-- Script messages for sUBs --
VFind -tf "C:\WINDOWS\system32\insatll.~tmp"
((((((((((((((((((((((((((((( Fichiers créés 2008-02-28 to 2008-03-30 ))))))))))))))))))))))))))))))))))))
.
2008-03-29 22:53 . 2008-03-30 14:41 <REP> d-------- C:\Program Files\Navilog1
2008-03-27 19:59 . 2008-03-27 22:01 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-03-26 23:45 . 2008-03-26 23:46 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-26 22:01 . 2008-03-26 22:01 <REP> d-------- C:\Program Files\Trend Micro
2008-03-23 17:05 . 2008-03-23 18:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-23 17:00 . 2008-03-23 17:02 <REP> d-------- C:\WINDOWS\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-03-16 12:01 . 2008-03-16 12:01 <REP> d-------- C:\Documents and Settings\jojo\Application Data\Lavasoft
2008-03-15 23:58 . 2008-03-15 23:58 389 --a------ C:\WINDOWS\wininit.ini
2008-03-15 23:01 . 2008-03-15 23:01 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-15 23:01 . 2008-03-15 23:01 2,547 --a------ C:\WINDOWS\unins000.dat
2008-03-13 21:51 . 2008-03-30 14:31 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-09 19:22 . 2006-06-07 16:26 67,384 --a------ C:\WINDOWS\system32\drivers\btwusb.sys
2008-03-09 03:36 . 2008-03-09 03:36 <REP> d-------- C:\WINDOWS\system32\SYNC_1204845569_130904
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-09 03:35 . 2008-03-09 03:35 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-03-09 03:35 . 2008-03-09 03:35 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-03-09 03:32 . 2008-03-09 03:32 <REP> d-------- C:\WINDOWS\system32\SYNC_1204718176_110556
2008-03-09 03:32 . 2008-03-09 03:32 <REP> d-------- C:\WINDOWS\system32\SYNC_1204661694_128184
2008-03-08 01:10 . 2005-05-27 09:31 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2008-03-07 01:32 . 2008-03-19 16:21 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2008-03-07 01:19 . 2008-03-07 01:19 16,384 --a------ C:\WINDOWS\system32\securitycenter_12048455695828.exe
2008-03-07 01:04 . 2008-03-07 01:04 <REP> d-------- C:\Documents and Settings\marie\Application Data\ItsLabel
2008-03-07 01:03 . 2008-03-07 01:03 <REP> d-------- C:\Documents and Settings\marie\Application Data\EoRezo
2008-03-07 00:29 . 2008-03-09 03:29 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-07 00:29 . 2008-03-09 03:35 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-07 00:29 . 2008-03-09 03:29 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-07 00:29 . 2008-03-26 23:48 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-05 15:45 . 2007-12-04 15:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-05 15:45 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-05 15:45 . 2007-12-04 14:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-05 15:45 . 2007-12-04 16:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-05 15:45 . 2007-12-04 16:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-05 15:45 . 2007-12-04 16:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-05 15:45 . 2007-12-04 16:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-05 15:45 . 2007-12-04 16:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-05 15:14 . 2008-03-05 15:14 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-03-05 15:10 . 2008-03-09 03:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-03-05 13:56 . 2008-03-05 13:56 16,384 --a------ C:\WINDOWS\system32\securitycenter_12047181766295.exe
2008-03-05 07:25 . 2008-03-05 07:25 <REP> d-------- C:\Documents and Settings\jojo\Application Data\ItsLabel
2008-03-05 01:47 . 2008-03-05 01:47 16,384 --a------ C:\WINDOWS\system32\securitycenter_12046744568146.exe
2008-03-05 00:49 . 2008-03-23 15:48 <REP> d-------- C:\Program Files\EoRezo
2008-03-05 00:49 . 2008-03-23 15:48 <REP> d-------- C:\Documents and Settings\jojo\Application Data\EoRezo
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 18:55 --------- d-----w C:\Program Files\Mail PassView
2008-03-26 19:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-23 15:06 --------- d-----w C:\Program Files\Lavasoft
2008-03-22 21:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-15 21:19 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-15 19:42 --------- d-----w C:\Documents and Settings\jojo\Application Data\LimeWire
2008-03-09 01:33 --------- d-----w C:\Program Files\Fichiers communs\Softwin
2008-03-05 15:24 139,776 ----a-w C:\WINDOWS\Internet Logs\xDBDF.tmp
2008-03-05 13:14 --------- d-----w C:\Program Files\Softwin
2008-03-05 08:00 183,296 ----a-w C:\WINDOWS\Internet Logs\xDBDE.tmp
2008-03-05 07:54 44,424 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2008_03_05_08_54_18_small.dmp.zip
2008-02-28 12:12 38,817 ----a-w C:\report.zip
2008-02-19 00:01 --------- d-----w C:\Program Files\Azureus
2008-02-07 23:10 460,800 ----a-w C:\WINDOWS\Internet Logs\xDBDB.tmp
2008-02-07 23:10 1,497,088 ----a-w C:\WINDOWS\Internet Logs\xDBDD.tmp
2008-02-07 20:02 55,808 ----a-w C:\WINDOWS\Internet Logs\xDBDC.tmp
2008-02-07 19:28 75,264 ----a-w C:\WINDOWS\Internet Logs\xDBDA.tmp
2008-02-07 19:04 2,828,800 ----a-w C:\WINDOWS\Internet Logs\xDBFD.tmp
2008-02-07 19:04 1,494,016 ----a-w C:\WINDOWS\Internet Logs\xDBFE.tmp
2008-02-07 18:58 15,832,521 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2008_02_04_22_08_52_full.dmp.zip
2008-01-31 19:01 2,947,584 ----a-w C:\WINDOWS\Internet Logs\xDBD8.tmp
2008-01-31 19:01 1,523,200 ----a-w C:\WINDOWS\Internet Logs\xDBD9.tmp
2008-01-30 18:17 --------- d-----w C:\Program Files\SM
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 -csha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 -csha-r C:\WINDOWS\x2.64.exe
2005-10-07 17:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2007-02-03 15:07 8 --sha-r C:\WINDOWS\system32\D26A0750DE.sys
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2007-02-03 15:27 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
------- Sigcheck -------
2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2004-08-05 05:00 578048 e46fb493e3b33704f0715020cf52106b C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\dllcache\user32.dll
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-05 05:00 1884672 90e794c5d2d368686fe71b4a0354462c C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-29_22.25.24.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0A7F9B4-5F16-0839-4EFB-B1A7ABDBDC3A}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"Steam"="c:\valve\steam\steam.exe" [2007-12-31 18:36 1266936]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [ ]
"MSN Webcam Recorder"="C:\Program Files\MSN Webcam Recorder\ml20gui.exe" [2006-01-31 02:14 131072]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2005-08-31 20:27 1658592]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"book ante"="C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-09-13 18:24 39424]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52 36975]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-06-05 21:34 77824]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LVCOMS"="C:\WINDOWS\system32\LVCOMS.EXE" [ ]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"ItsTV"="C:\Program Files\EoRezo\EoWeather\ItsTV.exe" [2007-04-26 17:19 2908160]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"EoWeather"="" []
"Centre de Sécurité Windows 1.20"="C:\WINDOWS\system32\DBR120\DXW1\services.exe" [2007-12-28 22:34 712704]
"Centre de Sécurité Windows 1.16"="C:\WINDOWS\system32\DBR116\DB1\services.exe" [2007-09-06 12:06 610304]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"AudioDeck"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe" [2006-11-02 16:57 528384]
"ATIPTA"="" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"16ball32meta"="C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [ ]
"SDFix"="C:\DOCUME~1\ADMINI~1\Bureau\SDFix\RunThis.bat /second" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
C:\Documents and Settings\jojo\Menu Démarrer\Programmes\Démarrage\
SM.lnk - C:\Program Files\SM\skymessnet.exe [2007-09-28 09:42:08 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 11:10 143360 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
C:\WINDOWS\zonecl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
S1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys []
S2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
S2 PPPoESupport;Support du transport PPPoE;"C:\WINDOWS\system32\DBR120\DXW2\svchost.exe" -service []
S2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 09:11]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 17:10]
S3 DMSKSSRh;DMSKSSRh;C:\DOCUME~1\jojo\LOCALS~1\Temp\DMSKSSRh.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52da2faa-9b7d-11dc-b2c0-000d877c01b6}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca45e12-fffc-11db-b26d-000d877c01b6}]
\Shell\AutoRun\command - L:\Installer.exe
*Newly Created Service* - LBEEPKE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-25 07:30:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-25 15:01:38 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
*******************************************
2008-01-31 19:01 1,523,200 ----a-w C:\WINDOWS\Internet Logs\xDBD9.tmp
2008-01-31 18:47 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018052305786.exe
2008-01-31 17:25 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12018003514959.exe
2008-01-31 16:40 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017976288415.exe
2008-01-31 16:04 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017954461465.exe
2008-01-31 15:38 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017939063397.exe
2008-01-31 15:01 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017917077720.exe
2008-01-31 14:26 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017895824668.exe
2008-01-31 12:57 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017842623380.exe
2008-01-31 12:28 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017825341843.exe
2008-01-31 01:29 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017429769152.exe
2008-01-30 21:32 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017287318035.exe
2008-01-30 18:48 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12017189306807.exe
2008-01-30 18:39 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017183776410.exe
2008-01-30 18:17 --------- d-----w C:\Program Files\SM
2008-01-30 18:10 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017166003684.exe
2008-01-30 18:06 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017164024767.exe
2008-01-30 17:59 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017159971504.exe
2008-01-30 17:48 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12017153029994.exe
2008-01-30 17:27 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017140572423.exe
2008-01-30 14:28 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017033173635.exe
2008-01-30 14:13 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12017024354471.exe
2008-01-30 14:11 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017023171727.exe
2008-01-30 14:10 36,864 ----a-w C:\WINDOWS\system32\securitycenter_12017022599678.exe
2008-01-30 12:50 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016974363696.exe
2008-01-30 12:37 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12016966721700.exe
2008-01-30 00:00 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016512538556.exe
2008-01-29 23:07 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016480258186.exe
2008-01-29 23:04 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016478766611.exe
2008-01-29 22:52 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016471303877.exe
2008-01-29 20:59 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12016403733953.exe
2008-01-29 20:08 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016373203736.exe
2008-01-29 20:04 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12016370864498.exe
2008-01-28 00:47 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014812394814.exe
2008-01-27 20:39 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014663715909.exe
2008-01-27 20:07 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014644545577.exe
2008-01-27 19:25 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014619378781.exe
2008-01-27 19:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014607914255.exe
2008-01-27 19:03 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014606109922.exe
2008-01-27 18:33 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014588112107.exe
2008-01-27 18:12 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014575704388.exe
2008-01-27 17:56 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014565898920.exe
2008-01-26 21:46 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12013839722028.exe
2008-01-26 20:52 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013807753675.exe
2008-01-26 20:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013780087430.exe
2008-01-26 19:57 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013774617459.exe
2008-01-26 17:31 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013686888648.exe
2008-01-26 13:36 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013546101780.exe
2008-01-26 13:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013545531746.exe
2008-01-26 12:40 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013512408845.exe
2008-01-25 21:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012951994875.exe
2008-01-25 20:49 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012941479721.exe
2008-01-25 19:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012900923749.exe
2008-01-24 20:53 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012080145656.exe
2008-01-24 20:20 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012060277920.exe
2008-01-24 18:15 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011985531567.exe
2008-01-24 17:56 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011973933758.exe
2008-01-24 17:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011961332259.exe
2008-01-24 17:20 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011952312392.exe
2008-01-24 15:15 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011876994831.exe
2008-01-24 14:56 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011865738803.exe
2008-01-24 13:53 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011827939004.exe
2008-01-24 13:41 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011820696749.exe
2008-01-24 13:08 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011801067567.exe
2008-01-24 11:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011749052775.exe
2008-01-24 00:20 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011340293884.exe
2008-01-23 23:58 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011326905880.exe
2008-01-23 21:11 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011226681607.exe
2008-01-23 21:09 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011225575617.exe
2008-01-23 21:05 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011223045274.exe
2008-01-23 21:03 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011222216679.exe
2008-01-23 20:54 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011216713206.exe
2008-01-23 20:21 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011196877341.exe
2008-01-23 20:03 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011186208925.exe
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 -csha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 -csha-r C:\WINDOWS\x2.64.exe
2005-10-07 17:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2007-02-03 15:07 8 --sha-r C:\WINDOWS\system32\D26A0750DE.sys
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2007-02-03 15:27 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
------- Sigcheck -------
2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2004-08-05 05:00 578048 e46fb493e3b33704f0715020cf52106b C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\dllcache\user32.dll
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-05 05:00 1884672 90e794c5d2d368686fe71b4a0354462c C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-29_22.25.24.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0A7F9B4-5F16-0839-4EFB-B1A7ABDBDC3A}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"Steam"="c:\valve\steam\steam.exe" [2007-12-31 18:36 1266936]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [ ]
"MSN Webcam Recorder"="C:\Program Files\MSN Webcam Recorder\ml20gui.exe" [2006-01-31 02:14 131072]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2005-08-31 20:27 1658592]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"book ante"="C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-09-13 18:24 39424]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52 36975]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-06-05 21:34 77824]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LVCOMS"="C:\WINDOWS\system32\LVCOMS.EXE" [ ]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"ItsTV"="C:\Program Files\EoRezo\EoWeather\ItsTV.exe" [2007-04-26 17:19 2908160]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"EoWeather"="" []
"Centre de Sécurité Windows 1.20"="C:\WINDOWS\system32\DBR120\DXW1\services.exe" [2007-12-28 22:34 712704]
"Centre de Sécurité Windows 1.16"="C:\WINDOWS\system32\DBR116\DB1\services.exe" [2007-09-06 12:06 610304]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"AudioDeck"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe" [2006-11-02 16:57 528384]
"ATIPTA"="" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"16ball32meta"="C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [ ]
"SDFix"="C:\DOCUME~1\ADMINI~1\Bureau\SDFix\RunThis.bat /second" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
C:\Documents and Settings\jojo\Menu Démarrer\Programmes\Démarrage\
SM.lnk - C:\Program Files\SM\skymessnet.exe [2007-09-28 09:42:08 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 11:10 143360 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
C:\WINDOWS\zonecl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
S1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys []
S2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
S2 PPPoESupport;Support du transport PPPoE;"C:\WINDOWS\system32\DBR120\DXW2\svchost.exe" -service []
S2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 09:11]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 17:10]
S3 DMSKSSRh;DMSKSSRh;C:\DOCUME~1\jojo\LOCALS~1\Temp\DMSKSSRh.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52da2faa-9b7d-11dc-b2c0-000d877c01b6}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca45e12-fffc-11db-b26d-000d877c01b6}]
\Shell\AutoRun\command - L:\Installer.exe
*Newly Created Service* - LBEEPKE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-25 07:30:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-25 15:01:38 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-30 14:48:37
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
Temps d'accomplissement: 2008-03-30 14:50:46
ComboFix-quarantined-files.txt 2008-03-30 12:50:19
ComboFix2.txt 2008-03-29 21:26:06
Pre-Run: 2,864,160,768 octets libres
Post-Run: 2,855,546,880 octets libres
.
2007-12-09 19:07:22 --- E O F ---
2008-01-27 20:39 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014663715909.exe
2008-01-27 20:07 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014644545577.exe
2008-01-27 19:25 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12014619378781.exe
2008-01-27 19:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014607914255.exe
2008-01-27 19:03 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014606109922.exe
2008-01-27 18:33 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014588112107.exe
2008-01-27 18:12 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014575704388.exe
2008-01-27 17:56 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12014565898920.exe
2008-01-26 21:46 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12013839722028.exe
2008-01-26 20:52 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013807753675.exe
2008-01-26 20:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013780087430.exe
2008-01-26 19:57 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013774617459.exe
2008-01-26 17:31 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013686888648.exe
2008-01-26 13:36 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013546101780.exe
2008-01-26 13:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12013545531746.exe
2008-01-26 12:40 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12013512408845.exe
2008-01-25 21:06 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012951994875.exe
2008-01-25 20:49 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012941479721.exe
2008-01-25 19:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012900923749.exe
2008-01-24 20:53 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12012080145656.exe
2008-01-24 20:20 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12012060277920.exe
2008-01-24 18:15 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011985531567.exe
2008-01-24 17:56 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011973933758.exe
2008-01-24 17:35 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011961332259.exe
2008-01-24 17:20 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011952312392.exe
2008-01-24 15:15 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011876994831.exe
2008-01-24 14:56 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011865738803.exe
2008-01-24 13:53 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011827939004.exe
2008-01-24 13:41 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011820696749.exe
2008-01-24 13:08 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011801067567.exe
2008-01-24 11:41 81,920 ----a-w C:\WINDOWS\system32\securitycenter_12011749052775.exe
2008-01-24 00:20 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011340293884.exe
2008-01-23 23:58 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011326905880.exe
2008-01-23 21:11 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011226681607.exe
2008-01-23 21:09 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011225575617.exe
2008-01-23 21:05 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011223045274.exe
2008-01-23 21:03 20,480 ----a-w C:\WINDOWS\system32\securitycenter_12011222216679.exe
2008-01-23 20:54 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011216713206.exe
2008-01-23 20:21 77,824 ----a-w C:\WINDOWS\system32\securitycenter_12011196877341.exe
2008-01-23 20:03 167,936 ----a-w C:\WINDOWS\system32\securitycenter_12011186208925.exe
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-10-24 09:13 66,560 -csha-r C:\WINDOWS\MOTA113.exe
2005-10-13 19:27 422,400 -csha-r C:\WINDOWS\x2.64.exe
2005-10-07 17:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2007-02-03 15:07 8 --sha-r C:\WINDOWS\system32\D26A0750DE.sys
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2007-02-03 15:27 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
------- Sigcheck -------
2005-03-02 20:20 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:50 579072 4d88aaf39adabfe45958ea1384e2c4ff C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2004-08-05 05:00 578048 e46fb493e3b33704f0715020cf52106b C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:10 578048 0df75fb73f705b011630159a43d7c354 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 572928 2b49e0737444475873196b826ea3ae9e C:\WINDOWS\system32\dllcache\user32.dll
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-05 05:00 1884672 90e794c5d2d368686fe71b4a0354462c C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 3909632 6fece61be138e7cb78db573154dca5ca C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-29_22.25.24.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0A7F9B4-5F16-0839-4EFB-B1A7ABDBDC3A}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"Steam"="c:\valve\steam\steam.exe" [2007-12-31 18:36 1266936]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [ ]
"MSN Webcam Recorder"="C:\Program Files\MSN Webcam Recorder\ml20gui.exe" [2006-01-31 02:14 131072]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2005-08-31 20:27 1658592]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"book ante"="C:\DOCUME~1\jojo\APPLIC~1\ELSEPL~1\AXISNEW.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-09-13 18:24 39424]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52 36975]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-06-05 21:34 77824]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LVCOMS"="C:\WINDOWS\system32\LVCOMS.EXE" [ ]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"ItsTV"="C:\Program Files\EoRezo\EoWeather\ItsTV.exe" [2007-04-26 17:19 2908160]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"EoWeather"="" []
"Centre de Sécurité Windows 1.20"="C:\WINDOWS\system32\DBR120\DXW1\services.exe" [2007-12-28 22:34 712704]
"Centre de Sécurité Windows 1.16"="C:\WINDOWS\system32\DBR116\DB1\services.exe" [2007-09-06 12:06 610304]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"AudioDeck"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe" [2006-11-02 16:57 528384]
"ATIPTA"="" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]
"16ball32meta"="C:\Documents and Settings\All Users\Application Data\Realtwo16ball\memoeq.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [ ]
"SDFix"="C:\DOCUME~1\ADMINI~1\Bureau\SDFix\RunThis.bat /second" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
C:\Documents and Settings\jojo\Menu D‚marrer\Programmes\D‚marrage\
SM.lnk - C:\Program Files\SM\skymessnet.exe [2007-09-28 09:42:08 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 11:10 143360 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
C:\WINDOWS\zonecl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
S1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys []
S2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 12:32]
S2 PPPoESupport;Support du transport PPPoE;"C:\WINDOWS\system32\DBR120\DXW2\svchost.exe" -service []
S2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 09:11]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 17:10]
S3 DMSKSSRh;DMSKSSRh;C:\DOCUME~1\jojo\LOCALS~1\Temp\DMSKSSRh.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52da2faa-9b7d-11dc-b2c0-000d877c01b6}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca45e12-fffc-11db-b26d-000d877c01b6}]
\Shell\AutoRun\command - L:\Installer.exe
*Newly Created Service* - LBEEPKE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-25 07:30:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-25 15:01:38 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
*******************************************
My PC starts up faster, but it is still almost unusable in normal mode. I'll do what you told me. Thanks for your replies, see you later.
Scan this file on VirusTotal and paste the report for me: https://www.virustotal.com/gui/
C:\WINDOWS\system32\securitycenter_12045683965153.exe
______________
Do you have this??? Have a look at the link and tell me if that is the case:
https://forum.malekal.com/viewtopic.php?f=12&t=5996
__________
SmitFraudFix (paste the report)
1/ Download:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
2/ Double-click on smitfraudfix, then select 1 and press Enter to create the report of the infections present.
I'm setting these aside for myself: