ComboFix report to debug Internet Explor

killerone -  
killerone1 Posts 14 Status Member -
Hello, here is my report. This is all I have left to debug and my computer is like new.
ComboFix 08-05-21.3 - Yannick 2008-05-23 17:25:18.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.237 [GMT -4:00]
Endroit: C:\Documents and Settings\Yannick\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Adssite Games Collection
C:\Program Files\Adssite Games Collection\BattlesOfHelicopters.exe
C:\Program Files\Adssite Games Collection\BobAndBill.exe
C:\Program Files\Adssite Games Collection\CrazyBlocks.exe
C:\Program Files\Adssite Games Collection\Lines.exe
C:\Program Files\Adssite Games Collection\uninstall.exe
C:\Program Files\Adssite Games Collection\VideoPool.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\byXPFxVl.dll
C:\WINDOWS\system32\citepksh.ini
C:\WINDOWS\system32\gzmrot-uninst.exe
C:\WINDOWS\system32\gzmrt.dll
C:\WINDOWS\system32\lVxFPXyb.ini
C:\WINDOWS\system32\lVxFPXyb.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nprcajpu.ini
C:\WINDOWS\system32\piejgvrq.ini
C:\WINDOWS\system32\rightonadz-uninst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-23 to 2008-05-23 ))))))))))))))))))))))))))))))))))))
.

2008-05-23 13:34 . 2004-08-20 01:11 4,190,352 --a------ C:\WINDOWS\system32\dllcache\luna.mst
2008-05-23 11:57 . 2008-05-23 11:57 <REP> d-------- C:\WINDOWS\ERUNT
2008-05-23 11:49 . 2008-05-23 12:29 <REP> d-------- C:\SDFix
2008-05-23 11:39 . 2008-05-23 11:39 <REP> d-------- C:\WINDOWS\resources
2008-05-23 11:09 . 2001-08-23 17:47 86,097 --a------ C:\WINDOWS\system32\dllcache\reslog32.dll
2008-05-23 11:09 . 2004-08-03 23:10 59,648 --a------ C:\WINDOWS\system32\dllcache\rfcomm.sys
2008-05-23 11:09 . 2001-08-17 20:12 37,563 --a------ C:\WINDOWS\system32\dllcache\rlnet5.sys
2008-05-23 11:09 . 2001-08-23 17:47 23,040 --a------ C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2008-05-23 11:09 . 2004-08-05 13:00 15,360 --a------ C:\WINDOWS\system32\dllcache\register.exe
2008-05-23 11:09 . 2004-08-03 22:41 13,776 --a------ C:\WINDOWS\system32\dllcache\recagent.sys
2008-05-23 11:08 . 2001-08-23 17:18 899,914 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-05-23 11:08 . 2001-08-23 17:18 715,530 --a------ C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
2008-05-23 11:08 . 2004-08-05 13:00 77,824 --a------ C:\WINDOWS\system32\dllcache\quick.ime
2008-05-23 11:08 . 2001-08-23 17:47 41,984 --a------ C:\WINDOWS\system32\dllcache\qvusd.dll
2008-05-23 11:08 . 2004-08-05 13:00 20,736 --a------ C:\WINDOWS\system32\dllcache\ramdisk.sys
2008-05-23 11:08 . 2001-08-17 21:51 19,584 --a------ C:\WINDOWS\system32\dllcache\rasirda.sys
2008-05-23 11:08 . 2004-08-05 13:00 16,896 --a------ C:\WINDOWS\system32\dllcache\quser.exe
2008-05-23 11:08 . 2004-08-05 13:00 10,240 --a------ C:\WINDOWS\system32\dllcache\query.exe
2008-05-23 11:08 . 2004-08-03 23:00 6,016 --a------ C:\WINDOWS\system32\dllcache\qic157.sys
2008-05-23 11:08 . 2001-08-17 21:53 3,328 --a------ C:\WINDOWS\system32\dllcache\qv2kux.sys
2008-05-23 11:06 . 2004-08-05 13:00 482,304 --a------ C:\WINDOWS\system32\dllcache\pintlgnt.ime
2008-05-23 11:05 . 2001-08-17 22:05 351,616 --a------ C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-05-23 11:04 . 2001-08-17 20:50 198,144 --a------ C:\WINDOWS\system32\dllcache\nv3.sys
2008-05-23 11:03 . 2004-08-04 00:47 132,695 --a------ C:\WINDOWS\system32\dllcache\netwlan5.sys
2008-05-23 11:02 . 2004-08-05 13:00 1,875,968 --a------ C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-05-23 11:01 . 2001-08-17 21:28 802,683 --a------ C:\WINDOWS\system32\dllcache\ltsm.sys
2008-05-23 11:00 . 2004-08-05 13:00 1,158,818 --a------ C:\WINDOWS\system32\dllcache\korwbrkr.lex
2008-05-23 10:59 . 2004-08-04 00:54 154,112 --a------ C:\WINDOWS\system32\dllcache\irftp.exe
2008-05-23 10:58 . 2004-08-05 13:00 811,064 --a------ C:\WINDOWS\system32\dllcache\imjp81k.dll
2008-05-23 10:57 . 2004-08-05 13:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-05-23 10:56 . 2001-08-17 21:28 542,879 --a------ C:\WINDOWS\system32\dllcache\hsf_msft.sys
2008-05-23 10:55 . 2001-08-23 17:19 908,000 --a------ C:\WINDOWS\system32\dllcache\hcf_msft.sys
2008-05-23 10:54 . 2001-08-23 17:46 1,733,120 --a------ C:\WINDOWS\system32\dllcache\g400d.dll
2008-05-23 10:53 . 2001-08-23 17:16 596,319 --a------ C:\WINDOWS\system32\dllcache\es56cvmp.sys
2008-05-23 10:52 . 2001-08-23 17:13 634,166 --a------ C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-05-23 10:51 . 2001-08-17 20:14 952,007 --a------ C:\WINDOWS\system32\dllcache\diwan.sys
2008-05-23 10:50 . 2008-05-23 10:50 <REP> d-------- C:\Program Files\Trend Micro
2008-05-23 10:50 . 2001-08-23 17:47 422,429 --a------ C:\WINDOWS\system32\dllcache\dgconfig.dll
2008-05-23 10:49 . 2004-08-04 00:54 252,416 --a------ C:\WINDOWS\system32\dllcache\ctmasetp.dll
2008-05-23 10:48 . 2004-08-05 13:00 1,677,824 --a------ C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-05-23 10:47 . 2001-08-23 17:03 715,466 --a------ C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2008-05-23 10:46 . 2004-08-04 00:40 274,944 --a------ C:\WINDOWS\system32\dllcache\bthport.sys
2008-05-23 10:45 . 2001-08-17 21:28 871,388 --a------ C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-05-23 10:44 . 2004-08-04 00:54 870,784 --a------ C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2008-05-23 10:43 . 2001-08-17 21:28 762,780 --a------ C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-05-23 10:42 . 2004-05-13 00:39 876,653 --a------ C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-05-23 10:41 . 2003-03-24 15:52 188,480 --a------ C:\WINDOWS\system32\dllcache\cfgwiz.exe
2008-05-23 10:41 . 2003-03-24 15:52 20,540 --a------ C:\WINDOWS\system32\dllcache\author.dll
2008-05-23 10:41 . 2003-03-24 15:52 20,540 --a------ C:\WINDOWS\system32\dllcache\admin.dll
2008-05-23 10:41 . 2003-03-24 15:52 16,439 --a------ C:\WINDOWS\system32\dllcache\author.exe
2008-05-23 10:41 . 2003-03-24 15:52 16,439 --a------ C:\WINDOWS\system32\dllcache\admin.exe
2008-05-23 09:51 . 2008-05-23 09:49 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-05-23 09:47 . 2008-05-23 09:51 <REP> d-------- C:\Documents and Settings\Yannick\.housecall6.6
2008-05-23 09:26 . 2008-05-23 09:26 90,624 --a------ C:\WINDOWS\system32\qrvgjeip.dll
2008-05-22 16:50 . 2008-05-23 13:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-22 16:50 . 2008-05-22 16:50 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-22 08:41 . 2008-05-22 08:41 77,613 --a------ C:\WINDOWS\system32\scui.cpl
2008-05-21 17:45 . 2008-05-21 17:45 <REP> d-------- C:\Program Files\LabelCommand
2008-05-21 15:55 . 2008-05-21 15:57 <REP> d-------- C:\Documents and Settings\Yannick\Application Data\SpyGuarder
2008-05-21 15:54 . 2008-05-21 15:54 27,648 --a------ C:\Documents and Settings\Yannick\redir.dll
2008-05-21 15:36 . 2008-05-22 09:19 <REP> d-------- C:\Documents and Settings\Yannick\Application Data\TmpRecentIcons
2008-05-21 13:11 . 2008-05-21 11:43 94,208 --a------ C:\WINDOWS\elsq.exe
2008-05-21 11:15 . 2008-05-21 11:15 122,880 --a------ C:\WINDOWS\lcmmfu.cpl
2008-05-21 11:15 . 2008-05-23 17:33 1,217 --ahs---- C:\WINDOWS\system32\mmf.sys
2008-05-21 11:14 . 2008-05-21 11:14 48,640 --a------ C:\WINDOWS\mmfs.dll
2008-05-21 11:14 . 2008-05-21 11:14 2,560 --a------ C:\WINDOWS\Runservice.exe
2008-05-21 11:13 . 2008-05-21 11:13 <REP> d-------- C:\Program Files\Battlefront
2008-05-20 20:15 . 2008-05-20 20:15 <REP> d-------- C:\Program Files\DAEMON Tools
2008-05-20 20:15 . 2008-05-20 20:15 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys
2008-05-20 19:15 . 2008-05-20 19:15 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-05-20 19:14 . 2008-05-20 19:14 <REP> d-------- C:\Documents and Settings\Yannick\Application Data\DAEMON Tools

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 21:33 35,766,560 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-23 21:32 678,432 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-05-23 21:31 64,628 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-05-23 21:31 480,068 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-05-23 17:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-23 16:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-23 15:29 4,498 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-23 13:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-19 01:40 82,944 ----a-w C:\WINDOWS\system32\IEDFix.exe
2008-05-19 01:40 82,944 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-05-16 03:22 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-04-26 18:09 --------- d-----w C:\Program Files\LimeWire
2008-04-17 15:05 96,645 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-04-17 15:05 87,941 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-04-07 22:12 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-23 18:57 --------- d-----w C:\Program Files\WarZone
2008-03-23 18:56 --------- d-----w C:\Documents and Settings\Yannick\Application Data\WarZone
2008-03-23 11:15 499,200 ----a-w C:\WINDOWS\system32\WZDPlay.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-18 16:43 84,729 ----a-w C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
2008-03-13 16:35 60,416 ----a-w C:\WINDOWS\system32\rgtndz.dll
2008-03-04 00:18 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-03-01 22:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-03-01 18:01 46,300 ----a-w C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
2008-02-29 08:57 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-19 00:49 284 ----a-w C:\Documents and Settings\Yannick\Application Data\ViewerApp.dat
2007-12-15 15:50 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-10-29 13:12 42,952 ----a-w C:\Documents and Settings\Yannick\Application Data\GDIPFONTCACHEV1.DAT
2005-09-25 14:25 90,702 ----a-w C:\Documents and Settings\Yannick\BlindTop.zip
2005-09-25 14:25 74,052 ----a-w C:\Documents and Settings\Yannick\ZapWars.zip
2005-09-25 14:25 255,840 ----a-w C:\Documents and Settings\Yannick\Raj.zip
2005-09-19 20:58 298 ----a-w C:\Program Files\INSTALL.LOG
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09A78B33-C7F6-465D-9CCA-98D5B98B78CB}]
C:\WINDOWS\system32\urqNHBRI.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}]
2008-03-27 08:57 247296 --a------ C:\Program Files\LabelCommand\LabelCommand.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3642B57-3EA8-4EEA-A643-9DE138381A57}]
2008-05-21 15:54 27648 --a------ C:\Documents and Settings\Yannick\redir.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04 1415824]
"MsnMsgr"="~C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 18:07 196608]
"LDM"="\Program\BackWeb-8876480.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-21 20:10 68856]
"MétéoIMédia"="C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-07-25 16:35 102512]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 20:10 1688872]
"SpyGuarder"="C:\Documents and Settings\Yannick\spyguarder.exe" [ ]
"KvmSecure.exe"="C:\Program Files\KvmSecure\KvmSecure.exe" [ ]
"WinSpywareProtect (ver. 5.1)"="C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 00:20 339968 C:\WINDOWS\STSYSTRA.EXE]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 23:32 53248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"Mercora"="C:\Program Files\Mercora\MercoraClient.exe" [ ]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 12:52 221184]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 18:37 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 18:47 458752]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 17:19 53248]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 02:05 127035]
"StandardInstall"="" []
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02 86016]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
"TXP"="c:\program files\topthemesxp\txp.exe" [ ]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-12 21:40 185632]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 15:21 2213160]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-08 18:00 128920]
"38fa179e"="C:\WINDOWS\system32\qrvgjeip.dll" [2008-05-23 09:26 90624]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 13:51 218376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe" [2007-09-12 21:40 335872]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Documents and Settings\Yannick\Mes documents\Mes images\Famille Tremblay\graduation nelly\30 juin 2007 071.jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= C:\Documents and Settings\Yannick\Mes documents\Mes images\Famille Tremblay\noel maison 2006\fete Yan et Noemy 038.jpg
FriendlyName=

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 14:11 233472]
"{09A78B33-C7F6-465D-9CCA-98D5B98B78CB}"= C:\WINDOWS\system32\urqNHBRI.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqNHBRI]
urqNHBRI.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2004-10-22 15:44 393216 C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\JVTorrent\\btdownloadgui.exe"=
"C:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"C:\\Program Files\\Steam\\steamapps\\rambobaseball\\day of defeat source\\hl2.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\patriots.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microprose\\Risk II\\RiskII.exe"=
"C:\\Program Files\\WarZone\\LobbyClient.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\French\\setup.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 mchInjDrv;madCodeHook DLL injection driver;C:\WINDOWS\system32\Drivers\mchInjDrv.sys [2007-12-31 09:16]
R2 LicCtrlService;LicCtrl Service;C:\WINDOWS\runservice.exe [2008-05-21 11:14]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 15:58]
S3 NAL;Nal Service ;C:\WINDOWS\system32\Drivers\iqvw32.sys [2004-11-02 16:12]
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 23:41]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-23 21:42:01 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
"2008-05-23 20:58:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

1 reply

killerone1 Posts 14 Status Member 1

Here is my hijack report as well


jackThis v2.0.2
Scan saved at 21:12, on 2008-05-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Yannick\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {09A78B33-C7F6-465D-9CCA-98D5B98B78CB} - C:\WINDOWS\system32\urqNHBRI.dll (file missing)
O2 - BHO: LabelCommand module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\LabelCommand\LabelCommand.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {F3642B57-3EA8-4EEA-A643-9DE138381A57} - C:\Documents and Settings\Yannick\redir.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Mercora] "C:\Program Files\Mercora\MercoraClient.exe" -startup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [38fa179e] rundll32.exe "C:\WINDOWS\system32\qrvgjeip.dll",b
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpyGuarder] C:\Documents and Settings\Yannick\spyguarder.exe
O4 - HKCU\..\Run: [KvmSecure.exe] C:\Program Files\KvmSecure\KvmSecure.exe
O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0" (User 'Default user')
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: urqNHBRI - urqNHBRI.dll (file missing)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Yannick\Mes documents\Mes images\Famille Tremblay\graduation nelly\30 juin 2007 071.jpg
O24 - Desktop Component 1: (no name) - C:\Documents and Settings\Yannick\Mes documents\Mes images\Famille Tremblay\noel maison 2006\fete Yan et Noemy 038.jpg