Unwanted windows again...

Solved
Gingin_89 Posts 38 Status Member -  
ep44 Posts 7415 Registration date   Status Contributor Last activity   -
Hello,

Ad windows have been opening for several days. How can I stop these ad pop-ups? I have HijackThis, but I don't know what to delete. Can you help me?
Configuration: Windows XP
Internet Explorer 7.0

17 replies

  1. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Good evening

    to begin with

    Download HijackThis to the Desktop

    http://download.hijackthis.eu/HJTInstall.exe

    = Double-click it to install it
    = Click Do a system scan and save the log
    = Paste the report
    if there is a problem, see the help
    http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    See you later
    0
  2. Gingin_89 Posts 38 Status Member 4
     
    ok here is the report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:40:08, on 2008-06-26
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\HP\KBD\KBD.EXE
    C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = https://internetsearchservice.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = https://internetsearchservice.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [20a01854] rundll32.exe "C:\WINDOWS\system32\tkdepdkc.dll",b
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [BM23932bc8] Rundll32.exe "C:\WINDOWS\system32\lbixvkxy.dll",s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
    O18 - Protocol: bw+0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    0
  3. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Hello

    Download SDFix (created by AndyManchesta) and save it to your Desktop.
    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
    Double-click SDFix.exe and choose Install to extract it to a dedicated folder on the Desktop. Restart your computer in Safe Mode

    ------
    = Restart in Safe Mode (startup may take several minutes)
    Note: there is no internet access in this mode. Save or print the instructions.

    Restart the PC and tap the F8 key (or F5 on some machines) until the startup options appear
    With the arrow keys, select Safe Mode ==> Enter ==> your usual user name
    -------

    = Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
    = Press Y to start the cleaning process.
    = It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
    = Press a key to restart the PC.
    = Your system will take longer than usual to restart because the tool will keep running and deleting files.
    = After the Desktop loads, the tool will finish its work and display Finished.
    = Press a key to end the script and load your Desktop icons.
    = Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
    = Finally, copy/paste the contents of the Report.txt file into your next reply

    then

    Download Malwarebytes
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    Help with the installation
    http://www.swl1f.net/viewtopic.php?f=14&t=68

    => Install it
    => Then go into Safe Mode

    Restart the PC and tap the F8 key (or F5 on some machines) until the startup options appear
    With the arrow keys, select Safe Mode ==> Enter ==> your usual user name

    => Launch Malwarebytes
    => Check "Exécuter un examen complet" (perform a full scan)
    => If an infection is found at the end of the scan, click "ok"
    => Click Supprimer la sélection (remove the selection)
    => To post the report, click the Rapports/Logs tab, select the one you want and click Ouvrir (open)
    => Copy and paste it and post the report

    --------------------------

    then

    * Download CCleaner
    https://filehippo.com/download_ccleaner/
    => Use this tutorial to help you with it
    http://www.swl1f.net/viewtopic.php?f=14&t=69

    --------------------------

    Then make a new HijackThis report, please
    See you later

    0
  4. Gingin_89 Posts 38 Status Member 4
     
    Here is the SDFix report:

    [b]SDFix: Version 1.197 [/b]
    Run by HP_Administrateur on 2008-06-27 at 17:09

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\DOCUME~1\HP_ADM~1\Bureau\SDFix

    [b]Checking Services [/b]:

    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting

    [b]Checking Files [/b]:

    Trojan Files Found:

    C:\WINDOWS\system32\ssqPfgdA.dll - Deleted
    C:\WINDOWS\system32\WINWIL32.dll - Deleted
    C:\Documents and Settings\HP_Administrateur\Mes documents\My Documents.url - Deleted
    C:\Documents and Settings\HP_Administrateur\Mes documents\Ma musique\My Music.url - Deleted
    C:\Documents and Settings\HP_Administrateur\Mes documents\Mes images\My Pictures.url - Deleted
    C:\Documents and Settings\HP_Administrateur\Mes documents\Mes vid‚os\My Video.url - Deleted

    Removing Temp Files

    [b]ADS Check [/b]:

    [b]Final Check [/b]:

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-27 17:26:35
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0

    scanning hidden registry entries ...

    scanning hidden files ...

    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1098 bytes hidden from API

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 1

    [b]Remaining Services [/b]:

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\\Program Files\\Services en ligne\\AOL\\waol.exe"="C:\\Program Files\\Services en ligne\\AOL\\waol.exe:*:Enabled:AOL Canada"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
    "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate Dedicated Server"
    "C:\\DOCUME~1\\HP_ADM~1\\LOCALS~1\\Temp\\win48.exe"="C:\\DOCUME~1\\HP_ADM~1\\LOCALS~1\\Temp\\win48.exe:*:Enabled:win48"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    [b]Remaining Files [/b]:

    File Backups: - C:\DOCUME~1\HP_ADM~1\Bureau\SDFix\backups\backups.zip

    [b]Files with Hidden Attributes [/b]:

    Wed 12 Mar 2008 211 A.SHR --- "C:\BOOT.BAK"
    Thu 13 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT5D.tmp"
    Thu 13 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT1.tmp"

    [b]Finished![/b]
    0
  6. Gingin_89 Posts 38 Status Member 4
     
    Here is the Malwarebytes report:

    Malwarebytes' Anti-Malware 1.18
    Version de la base de données: 870

    15:41:26 2008-06-28
    mbam-log-6-28-2008 (15-41-26).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 282080
    Temps écoulé: 2 hour(s), 54 minute(s), 39 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 12
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 26

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c109800-a5d5-438f-9640-18d17e168b88} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataDisp32 (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM23932bc8 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3GSXAC8P\rxlyddhv[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\5AZOFST2\nkxbc[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\9045YU0K\plmzrevwn[1].txt (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A8XXCDR1\dsuper[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\E5007NH7\vsskkbc[1].htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FL37DGZ2\dsuper1[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\G27P0PR4\rxlyddhv[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KQTLPNL3\nkxbc[1].htm (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\L7XWVAM5\vsskkbc[1].htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP114\A0025938.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP114\A0025939.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP114\A0025940.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP114\A0025971.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP121\A0030457.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP123\A0030975.dll (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP123\A0030996.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP126\A0032627.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP85\A0020346.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP85\A0020362.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP85\A0020364.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP85\A0020365.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP87\A0021330.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{D914ACD5-1321-4D0E-A2F6-861E2DFB47B4}\RP87\A0021344.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mfbddfoa.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    0
  7. Gingin_89 Posts 38 Status Member 4
     
    And finally the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:58:58, on 2008-06-28
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\ALCWZRD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O2 - BHO: (no name) - {16E746CD-096C-4137-B78B-81FD6E2FDA3C} - C:\WINDOWS\system32\AudPlaye.dll
    O2 - BHO: (no name) - {1F34EAF0-2919-4C85-B734-E267BD31EF99} - C:\WINDOWS\system32\AudPlaye.dll
    O2 - BHO: (no name) - {3435D860-2E0E-4C8A-9916-C66BB1E599C2} - C:\WINDOWS\system32\AudPlaye.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: {7443d6fb-d875-e419-e294-2de97d9a4777} - {7774a9d7-9ed2-492e-914e-578dbf6d3447} - C:\WINDOWS\system32\dksoux.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: bw+0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    0
  8. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    OK

    Download DiagHelp.zip to your desktop: http://www.malekal.com/download/DiagHelp.zip
    ==> Do not double-click it! Right-click the file and choose Extract All
    ==> A new folder named DiagHelp will be created
    ==> Open it and double-click go.cmd (the .cmd extension may not be shown)
    ==> A window will open; choose option 1
    ==> The scan will start; it can take a few minutes. Let it run and press a key when asked
    ==> Copy and paste the contents of the Notepad window that opens. To do that:
    ==> In Notepad, click the Edit menu / Select All
    ==> Then the Edit menu again / Copy
    ==> In a new message here, right-click / Paste
    See you
    0
  9. Gingin_89 Posts 38 Status Member 4
     
    Here is the DiagHelp report:

    DiagHelp version v1.4 - http://www.malekal.com
    excute le 2008-06-28 à 16:11:25,42

    Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
    C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->2008-06-28 16:10:45
    C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-090074F0.pf -->2008-06-28 16:07:46
    C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->2008-06-28 16:07:35
    C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->2008-06-28 16:05:26
    C:\WINDOWS\prefetch\IGFXSRVC.EXE-1D88F978.pf -->2008-06-28 16:05:04
    C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->2008-06-28 16:04:19
    C:\WINDOWS\prefetch\CALC.EXE-02A5B4B1.pf -->2008-06-28 16:03:54
    C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->2008-06-28 15:59:07
    C:\WINDOWS\prefetch\CTFMON.EXE-05E57A5E.pf -->2008-06-28 15:47:00
    C:\WINDOWS\prefetch\ISSCH.EXE-2EFA1349.pf -->2008-06-28 15:46:58

    C:\WINDOWS\System32\drivers\secdrv.sys -->2008-06-27 18:45:10
    C:\WINDOWS\System32\drivers\mbamcatchme.sys -->2008-06-19 17:48:04
    C:\WINDOWS\System32\drivers\mbam.sys -->2008-06-19 17:47:58
    C:\WINDOWS\System32\drivers\bthport.sys -->2008-06-14 13:59:52
    C:\WINDOWS\System32\drivers\rmcast.sys -->2008-05-08 08:28:49
    C:\WINDOWS\System32\drivers\sptd.sys -->2008-03-30 16:14:15
    C:\WINDOWS\System32\drivers\scdemu.sys -->2008-03-14 02:04:29

    C:\WINDOWS\System32\d3d8caps.dat -->2008-06-27 17:51:51
    C:\WINDOWS\System32\ckdpedkt.ini -->2008-06-27 13:03:43
    C:\WINDOWS\System32\extbcgow.dll -->2008-06-27 13:02:59
    C:\WINDOWS\System32\dksoux.dll -->2008-06-27 13:02:59
    C:\WINDOWS\System32\aclsqhlw.dll -->2008-06-27 13:00:24
    C:\WINDOWS\System32\wgmgaqlm.dll -->2008-06-26 16:39:05
    C:\WINDOWS\System32\bnjxdoic.dll -->2008-06-26 16:36:49
    C:\WINDOWS\System32\2b83dc2a-.txt -->2008-06-26 16:36:17
    C:\WINDOWS\System32\mcrh.tmp -->2008-06-26 15:05:25
    C:\WINDOWS\System32\wglpsjrp.ini -->2008-06-26 11:47:23
    C:\WINDOWS\System32\hshyercg.dll -->2008-06-26 11:47:03
    C:\WINDOWS\System32\lbixvkxy.dll -->2008-06-26 11:45:09
    C:\WINDOWS\System32\tmp.txt -->2008-06-26 09:20:24
    C:\WINDOWS\System32\tmp.reg -->2008-06-26 09:20:24
    C:\WINDOWS\System32\lwockxsw.dll -->2008-06-25 10:05:04
    C:\WINDOWS\System32\khoxxvoj.dll -->2008-06-25 10:04:34
    C:\WINDOWS\System32\ocqnnwbq.ini -->2008-06-25 10:03:14
    C:\WINDOWS\System32\mapisvc.inf -->2008-06-24 22:01:03
    C:\WINDOWS\System32\ksbpiqfi.dll -->2008-06-24 20:06:22
    C:\WINDOWS\System32\FNTCACHE.DAT -->2008-06-22 10:23:33
    C:\WINDOWS\System32\wpa.dbl -->2008-06-20 17:07:56
    C:\WINDOWS\System32\CmdLineExt03.dll -->2008-06-19 17:00:21
    C:\WINDOWS\System32\PerfStringBackup.INI -->2008-06-17 11:31:25
    C:\WINDOWS\System32\perfh00C.dat -->2008-06-17 11:31:25
    C:\WINDOWS\System32\perfh009.dat -->2008-06-17 11:31:25

    C:\WINDOWS\WindowsUpdate.log -->2008-06-28 16:10:32
    C:\WINDOWS\SchedLgU.Txt -->2008-06-28 16:00:00
    C:\WINDOWS\0.log -->2008-06-28 15:44:51
    C:\WINDOWS\QTFont.qfn -->2008-06-28 15:44:40
    C:\WINDOWS\wiadebug.log -->2008-06-28 15:44:33
    C:\WINDOWS\wiaservc.log -->2008-06-28 15:44:32
    C:\WINDOWS\bootstat.dat -->2008-06-28 15:44:04
    C:\WINDOWS\ntbtlog.txt -->2008-06-28 15:42:24
    C:\WINDOWS\pskt.ini -->2008-06-28 12:34:02
    C:\WINDOWS\BM23932bc8.xml -->2008-06-27 15:51:42
    C:\WINDOWS\setupapi.log -->2008-06-27 10:36:54
    C:\WINDOWS\BM23932bc8.txt -->2008-06-26 16:41:14
    C:\WINDOWS\MAPPER.INI -->2008-06-26 16:12:50
    C:\WINDOWS\setupact.log -->2008-06-26 09:23:26
    C:\WINDOWS\FaxSetup.log -->2008-06-25 11:30:39

    winlogon.exe
    Verified: Signed
    svchost.exe
    Verified: Signed
    ws2_32.dll
    Verified: Signed
    user32.dll
    Verified: Signed
    tcpip.sys
    Verified: Signed
    ndis.sys
    Verified: Signed
    null.sys
    Verified: Signed

    ListDLLs v2.25 - DLL lister for Win9x/NT
    Copyright (C) 1997-2004 Mark Russinovich
    Sysinternals - www.sysinternals.com

    ------------------------------------------------------------------------------
    explorer.exe pid: 1996
    Command line: C:\WINDOWS\Explorer.EXE

    Base Size Version Path
    0x44080000 0xd0000 7.00.6000.16674 C:\WINDOWS\system32\WININET.dll
    0x00440000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
    0x43e00000 0x45000 7.00.6000.16674 C:\WINDOWS\system32\iertutil.dll
    0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
    0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
    0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
    0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
    0x44360000 0x5cd000 7.00.6000.16674 C:\WINDOWS\system32\ieframe.dll
    0x44160000 0x127000 7.00.6000.16674 C:\WINDOWS\system32\urlmon.dll
    0x442b0000 0x3c000 7.00.6000.16674 C:\WINDOWS\system32\webcheck.dll
    0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
    0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
    0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
    0x01f00000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
    0x67320000 0x2f000 2005.01.0000.0163 C:\PROGRA~1\FICHIE~1\SYMANT~1\ANTISPAM\asOEHook.dll
    0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
    0x00e30000 0x17000 9.05.0000.1098 C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
    0x10000000 0x6000 6.03.0002.0116 C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
    0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOWS\system32\MSVCP71.dll
    0x6af30000 0x3d000 103.00.0009.0002 c:\Program Files\Fichiers communs\Symantec Shared\ccL30.dll
    0x05e10000 0x39000 C:\WINDOWS\system32\dksoux.dll
    0x61310000 0x54000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
    0x60e20000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.4\program\stlport_vc7145.dll
    0x064a0000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
    0x064f0000 0x2e000 C:\Program Files\WinRAR\rarext.dll
    0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
    0x07f10000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
    0x01b70000 0x26000 3.00.0000.4332 C:\WINDOWS\system32\igfxpph.dll
    0x00c20000 0x13000 3.00.0000.4332 C:\WINDOWS\system32\hccutils.DLL
    0x02f20000 0x24000 3.00.0000.4332 C:\WINDOWS\system32\igfxres.dll
    0x06ce0000 0x16f000 3.00.0000.4332 C:\WINDOWS\system32\igfxress.dll
    0x00e00000 0xe000 3.00.0000.4332 C:\WINDOWS\system32\igfxsrvc.dll
    0x01110000 0x10000 1.00.0000.0001 C:\Program Files\LitexMedia\All To MP3 Converter\MP3ShellExt.dll
    0x7c140000 0x103000 7.10.3077.0000 C:\WINDOWS\system32\MFC71.DLL
    0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
    0x030c0000 0x35000 11.00.0009.0016 c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    0x7c120000 0x19000 7.10.3077.0000 C:\WINDOWS\system32\ATL71.DLL
    0x03170000 0x13000 7.00.0000.0011 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
    0x06e50000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL
    0x034a0000 0x3c000 4.00.0000.0000 C:\Program Files\PowerISO\PWRISOSH.DLL
    0x016a0000 0x8000 1.00.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    0x41f00000 0x7000 1.01.0000.3917 C:\WINDOWS\system32\asfsipc.dll
    0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
    0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
    0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
    0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
    0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL
    0x36d30000 0x1a000 11.00.6551.0000 C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL

    ListDLLs v2.25 - DLL lister for Win9x/NT
    Copyright (C) 1997-2004 Mark Russinovich
    Sysinternals - www.sysinternals.com

    ------------------------------------------------------------------------------
    winlogon.exe pid: 644
    Command line: winlogon.exe

    Base Size Version Path
    0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
    0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
    0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
    0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
    0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
    0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\WINDOWS\system

    1998-05-07 12:04 52 736 hpsysdrv.exe
    1 fichier(s) 52 736 octets
    0 Rép(s) 132 992 065 536 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\WINDOWS\system32

    2004-08-10 14:00 6 144 csrss.exe
    1 fichier(s) 6 144 octets
    0 Rép(s) 132 992 065 536 octets libres

    Contenu de Downloaded Program Files
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\WINDOWS\Downloaded Program Files

    2008-06-17 13:54 <REP> .
    2008-06-17 13:54 <REP> ..
    2004-12-01 21:38 65 desktop.ini
    2008-06-04 19:36 218 DivXPlugin.inf
    2002-07-25 19:13 24 576 dwusplay.dll
    2002-07-25 19:13 196 608 dwusplay.exe
    2007-04-11 14:55 1 292 erma.inf
    2007-05-23 10:57 2 595 888 ImageUploader4.ocx
    2005-02-16 16:15 401 408 isusweb.dll
    2006-06-20 15:44 379 704 MsnPUpld.dll
    2006-06-19 14:40 393 MsnPUpld.inf
    2007-07-30 19:24 295 muweb.inf
    2007-05-10 15:50 334 piczo_fast_uploader.inf
    2006-06-20 15:44 117 560 PURen-us.dll
    2007-01-09 08:30 110 592 PURfr-ca.dll
    2008-03-19 18:36 144 swdir.inf
    14 fichier(s) 3 829 077 octets

    Total des fichiers listés :
    14 fichier(s) 3 829 077 octets
    2 Rép(s) 132 991 803 392 octets libres

    Recherche de rootkit! (Merci S!Ri)

    Recherche d'infections connues

    Export des clefs sensibles..

    Liste des fichiers en exception sur le pare-feu XP SP2

    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\\Program Files\\Services en ligne\\AOL\\waol.exe"="C:\\Program Files\\Services en ligne\\AOL\\waol.exe:*:Enabled:AOL Canada"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
    "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate Dedicated Server"
    "C:\\DOCUME~1\\HP_ADM~1\\LOCALS~1\\Temp\\win48.exe"="C:\\DOCUME~1\\HP_ADM~1\\LOCALS~1\\Temp\\win48.exe:*:Enabled:win48"

    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    Export de la clef SharedTaskScheduler

    [SharedTaskScheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

    exports des policies
    REGEDIT4

    [system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001
    "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
    63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
    6d,73,73,74,79,6c,65,73,00
    "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
    73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

    Export des clefs sensibles..
    Rechercher adresses sensibles dans le fichier HOSTS...
    catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-28 16:11:49
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:00000196

    scanning hidden files ...

    scan completed successfully
    hidden services: 0
    hidden files: 0

    KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

    Process list by traversal of KiWaitListHead

    4 - System
    136 - iTunesHelper.ex
    516 - LVCOMSX.EXE
    620 - csrss.exe
    644 - winlogon.exe
    688 - services.exe
    700 - lsass.exe
    852 - svchost.exe
    908 - svchost.exe
    972 - svchost.exe
    1016 - svchost.exe
    1068 - AppleMobileDevi
    1104 - dllhost.exe
    1148 - svchost.exe
    1172 - iPodService.exe
    1260 - ccProxy.exe
    1312 - SNDSrvc.exe
    1392 - CCEVTMGR.EXE
    1628 - iexplore.exe
    1688 - CCAPP.EXE
    1808 - LVPrcSrv.exe
    1852 - GoogleToolbarNo
    1884 - ctfmon.exe
    1916 - btdna.exe
    1996 - explorer.exe
    2108 - LogitechDesktop
    2200 - MDM.EXE
    2292 - svchost.exe
    2340 - hpqtra08.exe
    2408 - svchost.exe
    2492 - Updates from HP
    2528 - issch.exe
    2636 - mcrdsvc.exe
    2760 - symwsc.exe
    3064 - hpqste08.exe
    3324 - cmd.exe
    3372 - alg.exe

    Total number of processes = 37
    NOTE: Under WinXP, this will not show all processes.

    KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

    Driver/Module list by traversal of PsLoadedModuleList

    804D7000 - \WINDOWS\system32\ntkrnlpa.exe
    806CE000 - \WINDOWS\system32\hal.dll
    F7A88000 - \WINDOWS\system32\KDCOM.DLL
    F7998000 - \WINDOWS\system32\BOOTVID.dll
    F7389000 - spij.sys
    F7A8A000 - \WINDOWS\System32\Drivers\WMILIB.SYS
    F7371000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS
    F7342000 - ACPI.sys
    F7331000 - pci.sys
    F7588000 - ohci1394.sys
    F7598000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
    F75A8000 - isapnp.sys
    F7B50000 - pciide.sys
    F7808000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    F7A8C000 - viaide.sys
    F7A8E000 - intelide.sys
    F75B8000 - MountMgr.sys
    F7312000 - ftdisk.sys
    F7A90000 - dmload.sys
    F72EC000 - dmio.sys
    F7810000 - PartMgr.sys
    F75C8000 - VolSnap.sys
    F72D4000 - atapi.sys
    F75D8000 - disk.sys
    F75E8000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    F72B4000 - fltMgr.sys
    F72A2000 - sr.sys
    F7818000 - PxHelp20.sys
    F728B000 - KSecDD.sys
    F71FE000 - Ntfs.sys
    F71D1000 - NDIS.sys
    F71BE000 - sfvfs02.sys
    F7820000 - sfhlp02.sys
    F71AC000 - sfdrv01.sys
    F7191000 - Mup.sys
    F75F8000 - gagp30kx.sys
    F77C8000 - \SystemRoot\system32\DRIVERS\intelppm.sys
    F6AE4000 - \SystemRoot\system32\DRIVERS\ialmnt5.sys
    F6AD0000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    F6AAB000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
    F78E0000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
    F6A88000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
    F78E8000 - \SystemRoot\system32\DRIVERS\usbehci.sys
    F77D8000 - \SystemRoot\system32\DRIVERS\nic1394.sys
    F6A75000 - \SystemRoot\system32\DRIVERS\Rtlnicxp.sys
    F6993000 - \SystemRoot\system32\DRIVERS\smserial.sys
    F78F0000 - \SystemRoot\System32\Drivers\Modem.SYS
    F697F000 - \SystemRoot\system32\DRIVERS\parport.sys
    F77E8000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
    F7A70000 - \SystemRoot\system32\DRIVERS\PS2.sys
    F78F8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
    F7900000 - \SystemRoot\system32\DRIVERS\mouclass.sys
    F77F8000 - \SystemRoot\system32\DRIVERS\imapi.sys
    F7648000 - \SystemRoot\system32\DRIVERS\cdrom.sys
    F7658000 - \SystemRoot\system32\DRIVERS\redbook.sys
    F695C000 - \SystemRoot\system32\DRIVERS\ks.sys
    F7A74000 - \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
    F7CD3000 - \SystemRoot\system32\DRIVERS\audstub.sys
    F76B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
    F7A80000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
    F6945000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
    F76C8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
    F76D8000 - \SystemRoot\system32\DRIVERS\raspptp.sys
    F7910000 - \SystemRoot\system32\DRIVERS\TDI.SYS
    F6894000 - \SystemRoot\system32\DRIVERS\psched.sys
    F76E8000 - \SystemRoot\system32\DRIVERS\msgpc.sys
    F7918000 - \SystemRoot\system32\DRIVERS\ptilink.sys
    F7920000 - \SystemRoot\system32\DRIVERS\raspti.sys
    F6863000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
    F7708000 - \SystemRoot\system32\DRIVERS\termdd.sys
    F7AD6000 - \SystemRoot\system32\DRIVERS\swenum.sys
    F680A000 - \SystemRoot\system32\DRIVERS\update.sys
    F715D000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
    F7718000 - \SystemRoot\System32\Drivers\NDProxy.SYS
    AACA1000 - \SystemRoot\system32\drivers\RtkHDAud.sys
    AAC7F000 - \SystemRoot\system32\drivers\portcls.sys
    F7748000 - \SystemRoot\system32\drivers\drmk.sys
    F7758000 - \SystemRoot\system32\DRIVERS\usbhub.sys
    F7AE2000 - \SystemRoot\system32\DRIVERS\USBD.SYS
    F7A38000 - \SystemRoot\system32\drivers\MODEMCSA.sys
    F7AE6000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
    F7CAA000 - \SystemRoot\System32\Drivers\Null.SYS
    F7AE8000 - \SystemRoot\System32\Drivers\Beep.SYS
    F7930000 - \SystemRoot\System32\drivers\vga.sys
    F7AEA000 - \SystemRoot\System32\Drivers\mnmdd.SYS
    F7AEC000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
    F7938000 - \SystemRoot\System32\Drivers\Msfs.SYS
    F7940000 - \SystemRoot\System32\Drivers\Npfs.SYS
    F7A44000 - \SystemRoot\system32\DRIVERS\rasacd.sys
    AAC24000 - \SystemRoot\system32\DRIVERS\ipsec.sys
    AABCC000 - \SystemRoot\system32\DRIVERS\tcpip.sys
    AAB8C000 - \SystemRoot\System32\Drivers\SYMTDI.SYS
    AAB6F000 - \??\C:\Program Files\Symantec\SYMEVENT.SYS
    F7A50000 - \SystemRoot\System32\Drivers\SYMREDRV.SYS
    F7AEE000 - \SystemRoot\System32\Drivers\SYMDNS.SYS
    F7788000 - \SystemRoot\System32\Drivers\SYMNDIS.SYS
    AAB1E000 - \SystemRoot\System32\Drivers\SYMFW.SYS
    F7948000 - \SystemRoot\System32\Drivers\SYMIDS.SYS
    AAAE0000 - \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20080312.001\symidsco.sys
    AAAB8000 - \SystemRoot\system32\DRIVERS\netbt.sys
    AAA96000 - \SystemRoot\System32\drivers\afd.sys
    F7798000 - \SystemRoot\system32\DRIVERS\netbios.sys
    F7950000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
    AA9A4000 - \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys
    F77B8000 - \SystemRoot\System32\Drivers\SCDEmu.SYS
    AA979000 - \SystemRoot\system32\DRIVERS\rdbss.sys
    AA8E2000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
    F7668000 - \SystemRoot\System32\Drivers\Fips.SYS
    AA8C1000 - \SystemRoot\system32\DRIVERS\ipnat.sys
    F7678000 - \SystemRoot\system32\DRIVERS\wanarp.sys
    F7688000 - \SystemRoot\system32\DRIVERS\arp1394.sys
    AA8AE000 - \SystemRoot\system32\DRIVERS\avipbb.sys
    F7AF2000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
    AA88B000 - \SystemRoot\System32\Drivers\Fastfat.SYS
    F76A8000 - \SystemRoot\system32\drivers\lvusbsta.sys
    AA5FA000 - \SystemRoot\system32\DRIVERS\LV561AV.SYS
    F6935000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
    F6925000 - \SystemRoot\System32\Drivers\Cdfs.SYS
    F7968000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    F7970000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
    F6915000 - \SystemRoot\system32\drivers\usbaudio.sys
    AAC6F000 - \SystemRoot\system32\DRIVERS\hidusb.sys
    F6905000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    F7978000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    AA5E2000 - \SystemRoot\System32\Drivers\dump_atapi.sys
    F7AF6000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    BF800000 - \SystemRoot\System32\win32k.sys
    AAB67000 - \SystemRoot\System32\drivers\Dxapi.sys
    F7980000 - \SystemRoot\System32\watchdog.sys
    BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
    F7B57000 - \SystemRoot\System32\drivers\dxgthk.sys
    BF9E3000 - \SystemRoot\System32\ialmdnt5.dll
    BF9D5000 - \SystemRoot\System32\ialmrnt5.dll
    BFA05000 - \SystemRoot\System32\ialmdev5.DLL
    BFA36000 - \SystemRoot\System32\ialmdd5.DLL
    AA4CA000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
    A9E4D000 * --[Hidden]--
    A9FEA000 - \SystemRoot\system32\drivers\sysaudio.sys
    A99C7000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
    A97F6000 - \SystemRoot\System32\Drivers\HTTP.sys
    A977C000 - \SystemRoot\system32\DRIVERS\srv.sys
    A9679000 - \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
    A9154000 - \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
    A907B000 - \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080312.003\NavEx15.Sys
    A9068000 - \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20080312.003\NAVENG.Sys
    F7908000 - \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
    BFFA0000 - \SystemRoot\System32\ATMFD.DLL
    A851F000 - \SystemRoot\system32\drivers\kmixer.sys
    F7BFA000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

    Total number of drivers = 149

    Liste des programmes installes

    1600
    1600_Help
    1600Trb
    Adobe Acrobat 4.0
    Adobe Flash Player ActiveX
    Adobe Reader 7.0 - Français
    Adobe Shockwave Player
    AiO_Scan
    AiOSoftware
    All To MP3 Converter 2.15
    Apple Mobile Device Support
    Apple Software Update
    Archiveur WinRAR
    Assistant de connexion Windows Live
    Audacity 1.2.6
    Avira AntiVir Personal – Free Antivirus
    Berlin Subway
    Blender (remove only)
    BufferChm
    Bus Driver 1.0
    Bus Simulator 2008 Demo
    BVE 4
    CameraDrivers
    CameraDrivers
    CamStudio 2.0 Fr
    Camtasia Studio 5
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CEP - Color Enable Package
    Chrono LMW 3 avec Protection par mot de passe
    Clue
    Connexion Facile à Internet
    Connexion Facile à Internet
    Correctif Lecteur Windows Media 10 [Voir KB889858 pour plus d'informations]
    Correctif n° 2 pour Windows XP Édition Media Center 2005
    Correctif pour Lecteur Windows Media 11 (KB939683)
    Correctif pour Windows Internet Explorer 7 (KB947864)
    Correctif pour Windows XP (KB888795)
    Correctif pour Windows XP (KB891593)
    Correctif pour Windows XP (KB899337)
    Correctif pour Windows XP (KB899510)
    Correctif pour Windows XP (KB902841)
    Correctif pour Windows XP (KB914440)
    Correctif pour Windows XP (KB935448)
    Correctif Windows XP - KB873339
    Correctif Windows XP - KB883667
    Correctif Windows XP - KB885250
    Correctif Windows XP - KB885354
    Correctif Windows XP - KB885835
    Correctif Windows XP - KB885836
    Correctif Windows XP - KB886185
    Correctif Windows XP - KB887472
    Correctif Windows XP - KB887742
    Correctif Windows XP - KB888113
    Correctif Windows XP - KB888302
    Correctif Windows XP - KB890175
    Correctif Windows XP - KB890859
    Correctif Windows XP - KB891220
    Correctif Windows XP - KB891781
    Correctif Windows XP - KB893066
    Correctif Windows XP - KB895961
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    CueTour
    Destinations
    DeviceManagementQFolder
    DirectX Media Runtime 5.1
    DivX Web Player
    DocProc
    DocumentViewer
    DocumentViewerQFolder
    Dragon NaturallySpeaking 9
    Encyclopédie Microsoft Encarta 2005
    EVAG B80C 5103
    Fax
    Firebird SQL Server - MAGIX Edition
    Fly The Airbus A380 v2 for FS2004
    GameSpy Arcade
    GemMaster Mystic
    GIMP 2.4.5
    Google Toolbar for Internet Explorer
    High Definition Audio - KB888111
    HijackThis 2.0.2
    Hotel Solitaire
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    HP Appareils photos Photosmart 5.0
    HP Boot Optimizer
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP Image Zone 5.3
    HP Image Zone for Media Center PC
    HP Imaging Device Functions 5.3
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP PSC & OfficeJet 5.3.B
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HP Tunes
    HPProductAssistant
    HpSdpAppCoreApp
    Installer
    InstantShareDevices
    Intel(R) Graphics Media Accelerator Driver
    InterVideo WinDVD Player
    InterVideo WinDVD Player
    IsoBuster 2.3
    iTunes
    J2SE Runtime Environment 5.0
    Jasc Animation Shop 3
    Java(TM) 6 Update 4
    Java(TM) 6 Update 5
    KompoZer 0.7.10 (supprimer uniquement)
    Lecteur Windows Media 11
    LeechFTP
    Les Sims 2 : Nuits de Folie
    Les Sims 2 Académie
    Les Sims 2 : La bonne affaire
    Les Sims™ 2 Animaux & Cie
    Les Sims™ 2 Au fil des saisons
    LightScribe 1.4.31.1
    LimeWire 4.18.2
    LiveReg (Symantec Corporation)
    Logiciel QuickCam de Logitech
    Logitech Desktop Messenger
    Malwarebytes' Anti-Malware
    Messenger Plus! Live
    Microsoft .NET Framework 1.0 Hotfix (KB930494)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 French Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Flight Simulator 2004 Un siècle d'aviation
    Microsoft Halo
    Microsoft Halo Custom Edition
    Microsoft Halo Trial
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Office Standard Edition 2003
    Microsoft Reader Text-to-Speech pour le français
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Text To Speech Engine 5.1
    Microsoft Train Simulator
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Works
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
    Mise à jour de sécurité pour Windows XP (KB883939)
    Mise à jour de sécurité pour Windows XP (KB890046)
    Mise à jour de sécurité pour Windows XP (KB893756)
    Mise à jour de sécurité pour Windows XP (KB896358)
    Mise à jour de sécurité pour Windows XP (KB896422)
    Mise à jour de sécurité pour Windows XP (KB896423)
    Mise à jour de sécurité pour Windows XP (KB896428)
    Mise à jour de sécurité pour Windows XP (KB899587)
    Mise à jour de sécurité pour Windows XP (KB899591)
    Mise à jour de sécurité pour Windows XP (KB900725)
    Mise à jour de sécurité pour Windows XP (KB901017)
    Mise à jour de sécurité pour Windows XP (KB901214)
    Mise à jour de sécurité pour Windows XP (KB902400)
    Mise à jour de sécurité pour Windows XP (KB905414)
    Mise à jour de sécurité pour Windows XP (KB905749)
    Mise à jour de sécurité pour Windows XP (KB908519)
    Mise à jour de sécurité pour Windows XP (KB911562)
    Mise à jour de sécurité pour Windows XP (KB911927)
    Mise à jour de sécurité pour Windows XP (KB913580)
    Mise à jour de sécurité pour Windows XP (KB914388)
    Mise à jour de sécurité pour Windows XP (KB914389)
    Mise à jour de sécurité pour Windows XP (KB917344)
    Mise à jour de sécurité pour Windows XP (KB918118)
    Mise à jour de sécurité pour Windows XP (KB918439)
    Mise à jour de sécurité pour Windows XP (KB919007)
    Mise à jour de sécurité pour Windows XP (KB920213)
    Mise à jour de sécurité pour Windows XP (KB920670)
    Mise à jour de sécurité pour Windows XP (KB920683)
    Mise à jour de sécurité pour Windows XP (KB920685)
    Mise à jour de sécurité pour Windows XP (KB922819)
    Mise à jour de sécurité pour Windows XP (KB923191)
    Mise à jour de sécurité pour Windows XP (KB923414)
    Mise à jour de sécurité pour Windows XP (KB923689)
    Mise à jour de sécurité pour Windows XP (KB923980)
    Mise à jour de sécurité pour Windows XP (KB924270)
    Mise à jour de sécurité pour Windows XP (KB924667)
    Mise à jour de sécurité pour Windows XP (KB925902)
    Mise à jour de sécurité pour Windows XP (KB926255)
    Mise à jour de sécurité pour Windows XP (KB926436)
    Mise à jour de sécurité pour Windows XP (KB927779)
    Mise à jour de sécurité pour Windows XP (KB927802)
    Mise à jour de sécurité pour Windows XP (KB928255)
    Mise à jour de sécurité pour Windows XP (KB929123)
    Mise à jour de sécurité pour Windows XP (KB930178)
    Mise à jour de sécurité pour Windows XP (KB931261)
    Mise à jour de sécurité pour Windows XP (KB931784)
    Mise à jour de sécurité pour Windows XP (KB932168)
    Mise à jour de sécurité pour Windows XP (KB933729)
    Mise à jour de sécurité pour Windows XP (KB935839)
    Mise à jour de sécurité pour Windows XP (KB935840)
    Mise à jour de sécurité pour Windows XP (KB936021)
    Mise à jour de sécurité pour Windows XP (KB937894)
    Mise à jour de sécurité pour Windows XP (KB938127)
    Mise à jour de sécurité pour Windows XP (KB938829)
    Mise à jour de sécurité pour Windows XP (KB941202)
    Mise à jour de sécurité pour Windows XP (KB941568)
    Mise à jour de sécurité pour Windows XP (KB941569)
    Mise à jour de sécurité pour Windows XP (KB941644)
    Mise à jour de sécurité pour Windows XP (KB941693)
    Mise à jour de sécurité pour Windows XP (KB943055)
    Mise à jour de sécurité pour Windows XP (KB943460)
    Mise à jour de sécurité pour Windows XP (KB943485)
    Mise à jour de sécurité pour Windows XP (KB944533)
    Mise à jour de sécurité pour Windows XP (KB944653)
    Mise à jour de sécurité pour Windows XP (KB945553)
    Mise à jour de sécurité pour Windows XP (KB946026)
    Mise à jour de sécurité pour Windows XP (KB948590)
    Mise à jour de sécurité pour Windows XP (KB948881)
    Mise à jour de sécurité pour Windows XP (KB950749)
    Mise à jour de sécurité pour Windows XP (KB950760)
    Mise à jour de sécurité pour Windows XP (KB950762)
    Mise à jour de sécurité pour Windows XP (KB951376-v2)
    Mise à jour de sécurité pour Windows XP (KB951376)
    Mise à jour de sécurité pour Windows XP (KB951698)
    Mise à jour pour Lecteur Windows Media 10 (KB913800)
    Mise à jour pour Windows XP (KB894391)
    Mise à jour pour Windows XP (KB898461)
    Mise à jour pour Windows XP (KB900485)
    Mise à jour pour Windows XP (KB904942)
    Mise à jour pour Windows XP (KB908531)
    Mise à jour pour Windows XP (KB910437)
    Mise à jour pour Windows XP (KB911280)
    Mise à jour pour Windows XP (KB916595)
    Mise à jour pour Windows XP (KB920872)
    Mise à jour pour Windows XP (KB922582)
    Mise à jour pour Windows XP (KB927891)
    Mise à jour pour Windows XP (KB930916)
    Mise à jour pour Windows XP (KB932823-v3)
    Mise à jour pour Windows XP (KB936357)
    Mise à jour pour Windows XP (KB938828)
    Mise à jour pour Windows XP (KB942763)
    Mise à jour pour Windows XP (KB942840)
    Mises à jour HP (Supprimer uniquement)
    Monopoly by Parker Brothers
    Motorola SM56 Speakerphone Modem
    Mozilla Firefox (2.0.0.13)
    MSN
    MSRedist
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 Parser and SDK
    muvee autoProducer 4.0
    muvee autoProducer unPlugged 1.1 - HPD
    NASA World Wind 1.4
    NewCopy
    Norton AntiSpam
    Norton AntiVirus 2005
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security 2005 (Symantec Corporation)
    Norton Security Center
    Norton WMI Update
    Norton WMI Update
    Nuance Palm Voice Recorder
    oggcodecs 0.71.0946
    OpenOffice.org 2.4
    Otto
    Pack Vista Inspirat 2 1.0
    PanoStandAlone
    PC-Doctor 5 for Windows
    PC-Doctor 5 for Windows
    PhotoGallery
    PowerISO
    ProductContext
    Programme de gestion Camera de Logitech®
    PS2
    PSPrinters08
    PSTAPlugin
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    QFolder
    QuickTime
    RandMap
    Rayman
    Rayman Designer
    Readme
    RealPlayer
    Runtimes 1.0.0
    Scan
    ScannerCopy
    Search Settings 1.2
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    SG Network 1.0
    Sgc 3D Simulator 1.5
    SGCSim v5.1.0
    Shockwave
    Shopping Centre Tycoon
    SkinsHP1
    SolutionCenter
    Sonic Encoders
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sonic_PrimoSDK
    SPBBC
    Sprunk Screen Saver
    Status
    SWAT 4
    SWAT 4
    SWAT 4 - The Stetchkov Syndicate
    Symantec Network Drivers Update
    SymNet
    The Sims 2
    TrayApp
    Unload
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live installer
    Windows Live Messenger
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Movie Maker 2 Winter Fun Pack
    Windows XP Édition Media Center 2005 KB888316
    Windows XP Édition Media Center 2005 KB890629
    Windows XP Media Center Edition 2005 KB895678
    Windows XP Media Center Edition 2005 KB908250
    Windows XP Media Center Edition 2005 KB925766
    Yahoo! Install Manager
    Yahoo! Widgets

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\Program Files

    2008-06-27 16:54 <REP> .
    2008-06-27 16:54 <REP> ..
    2008-06-22 14:15 <REP> Abacus
    2008-04-04 16:50 <REP> Adobe
    2008-04-04 18:06 <REP> Apple Software Update
    2008-04-03 18:18 <REP> Audacity
    2008-06-24 22:03 <REP> Avira
    2008-03-18 16:13 <REP> BitTorrent
    2008-05-19 15:17 <REP> Blender Foundation
    2008-05-04 14:30 <REP> Boonty
    2008-05-04 14:30 <REP> BoontyGames
    2008-03-30 13:38 <REP> Bus Driver
    2008-04-23 18:38 <REP> Bus Simulator 2008 Demo
    2008-06-07 10:23 <REP> BVE
    2008-04-07 19:32 <REP> CamStudio
    2008-05-18 15:51 <REP> CCleaner
    2008-04-13 19:49 <REP> Chrono LMW by Lahlou Mehdi
    2008-06-20 13:46 <REP> Clue
    2008-05-07 19:55 <REP> Coffee Tycoon
    2008-03-12 21:08 <REP> ComPlus Applications
    2008-04-28 17:35 <REP> Deep Silver
    2008-06-17 13:54 <REP> DivX
    2008-03-18 16:13 <REP> DNA
    2008-03-19 19:06 <REP> DOSBox-0.72
    2008-06-07 18:41 <REP> EA GAMES
    2008-04-12 12:58 <REP> Easy Internet signup
    2008-05-18 17:49 <REP> Enigma Software Group
    2008-06-25 10:48 <REP> Fichiers communs
    2008-06-04 16:09 <REP> Free Audio Pack
    2008-03-12 21:10 <REP> FrenchOtto
    2008-06-21 16:33 <REP> GameSpy Arcade
    2008-03-12 21:10 <REP> GemMasterFrench
    2008-04-09 17:44 <REP> GIMP-2.0
    2008-03-13 17:34 <REP> Google
    2008-03-30 16:22 <REP> Hasbro
    2008-03-22 12:46 <REP> Hasbro Interactive
    2008-03-12 21:10 <REP> Hewlett-Packard
    2008-06-21 13:07 <REP> HHHT
    2008-06-26 22:46 <REP> Hotel Solitaire
    2008-03-12 21:10 <REP> HP
    2008-03-30 13:28 <REP> illiminable
    2008-06-11 18:33 <REP> Internet Explorer
    2008-03-12 21:12 <REP> InterVideo
    2008-04-04 18:08 <REP> iPod
    2008-04-04 18:08 <REP> iTunes
    2008-05-29 18:35 <REP> Jasc Software Inc
    2008-05-07 20:07 <REP> Java
    2008-03-24 15:15 <REP> KompoZer
    2008-03-24 16:13 <REP> LeechFTP
    2008-06-13 17:35 <REP> LimeWire
    2008-03-30 13:26 <REP> LitexMedia
    2008-03-18 12:11 <REP> Logitech
    2008-05-15 18:25 <REP> mackoy
    2008-06-21 13:07 <REP> MAGIX
    2008-06-27 16:54 <REP> Malwarebytes' Anti-Malware
    2008-03-12 21:13 <REP> Messenger
    2008-06-16 14:32 <REP> Messenger Plus! Live
    2008-03-13 20:46 <REP> Microsoft CAPICOM 2.1.0.2
    2008-03-12 21:13 <REP> Microsoft Encarta
    2008-03-12 21:13 <REP> microsoft frontpage
    2008-06-21 16:32 <REP> Microsoft Games
    2008-03-12 21:15 <REP> Microsoft Office
    2008-03-12 21:13 <REP> Microsoft Visual Studio
    2008-03-12 21:15 <REP> Microsoft Works
    2008-03-12 21:13 <REP> Microsoft.NET
    2008-05-29 19:50 <REP> Movie Maker
    2008-06-20 14:00 <REP> Mozilla Firefox
    2008-03-12 21:16 <REP> MSN
    2008-03-12 21:16 <REP> MSN Gaming Zone
    2008-03-12 22:20 <REP> MSXML 4.0
    2008-03-12 21:16 <REP> muvee Technologies
    2008-03-22 16:48 <REP> NASA
    2008-03-12 21:16 <REP> NetMeeting
    2008-03-13 17:34 <REP> Norton Internet Security
    2008-04-23 19:58 <REP> Nuance
    2008-03-12 21:16 <REP> Online Services
    2008-05-07 20:07 <REP> OpenOffice.org 2.4
    2008-05-23 17:54 <REP> Outlook Express
    2008-03-12 21:16 <REP> PC-Doctor 5 for Windows
    2008-06-03 19:55 <REP> Pixoria
    2008-04-23 19:18 <REP> PowerISO
    2008-04-04 18:07 <REP> QuickTime
    2008-04-13 18:39 <REP> Rail Simulator Demo
    2008-06-17 13:11 <REP> RapidCheck
    2008-03-12 21:17 <REP> Real
    2008-05-04 14:06 <REP> ReflexiveArcade
    2008-06-04 16:05 <REP> Search Settings
    2008-03-12 21:17 <REP> Services en ligne
    2008-04-03 17:46 <REP> SG Network
    2008-03-22 13:52 <REP> sgc_3d_sim
    2008-03-22 13:16 <REP> SGCSim.com
    2008-04-23 16:51 <REP> Sierra
    2008-04-23 19:16 <REP> Smart Projects
    2008-03-12 21:17 <REP> Sonic
    2008-05-12 19:16 <REP> Super_Adventure_Island
    2008-03-13 17:03 <REP> Symantec
    2008-03-13 17:02 <REP> SymNetDrv
    2008-04-09 17:18 <REP> TechSmith
    2008-03-18 16:03 <REP> Trymedia
    2008-03-22 13:38 <REP> Tweak-XP Pro 4
    2008-06-26 22:18 <REP> UberSoldier Demo
    2008-03-13 16:30 <REP> Ubisoft
    2008-03-12 21:18 <REP> Updates from HP
    2008-03-13 16:35 <REP> Windows Live
    2008-03-13 17:40 <REP> Windows Media Connect 2
    2008-03-13 17:40 <REP> Windows Media Player
    2008-03-12 21:18 <REP> Windows NT
    2008-03-12 21:18 <REP> Windows Plus
    2008-05-29 19:56 <REP> Windows XP Fun Pack
    2008-03-16 13:44 <REP> WinRAR
    2008-03-12 21:18 <REP> xerox
    2008-06-03 19:54 <REP> Yahoo!
    0 fichier(s) 0 octets
    112 Rép(s) 132 990 988 288 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\Program Files\fichiers communs

    2008-06-25 10:48 <REP> .
    2008-06-25 10:48 <REP> ..
    2008-04-04 16:50 <REP> Adobe
    2008-04-04 18:06 <REP> Apple
    2008-03-29 15:42 <REP> BOONTY Shared
    2008-03-12 21:08 <REP> DESIGNER
    2008-05-02 19:51 <REP> DirectX
    2008-03-12 21:08 <REP> Hewlett-Packard
    2008-03-12 21:08 <REP> HP
    2008-03-12 21:08 <REP> InstallShield
    2008-03-12 21:08 <REP> InterVideo
    2008-03-12 21:08 <REP> Java
    2008-04-15 18:12 <REP> L&H
    2008-03-12 21:08 <REP> LightScribe
    2008-03-18 12:13 <REP> Logitech
    2008-06-20 17:31 <REP> MAGIX Shared
    2008-06-10 13:14 <REP> Microsoft Shared
    2008-03-12 21:09 <REP> MSSoap
    2008-03-12 21:09 <REP> muvee Technologies
    2008-04-23 19:58 <REP> Nuance
    2008-03-12 21:09 <REP> ODBC
    2008-03-12 21:09 <REP> Real
    2008-04-23 19:58 <REP> ScanSoft Shared
    2008-03-12 21:10 <REP> Services
    2008-03-12 21:09 <REP> Sonic Shared
    2008-03-12 21:09 <REP> SpeechEngines
    2008-03-12 21:09 <REP> SureThing Shared
    2008-06-26 13:49 <REP> Symantec Shared
    2008-03-13 16:16 <REP> System
    2008-04-09 17:18 <REP> TechSmith Shared
    2008-03-12 21:10 <REP> TiVo Shared
    2008-03-12 21:10 <REP> xing shared
    0 fichier(s) 0 octets
    32 Rép(s) 132 990 984 192 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 20A0-18FB

    Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

    2008-03-12 21:09 <REP> .
    2008-03-12 21:09 <REP> ..
    2008-03-12 21:09 <REP> 1033
    2008-03-12 21:09 <REP> 1036
    2003-07-11 11:15 1 292 872 MSONSEXT.DLL
    2003-07-15 07:52 35 896 MSOSV.DLL
    1999-06-03 19:09 122 937 MSOWS409.DLL
    2001-03-07 14:00 127 033 MSOWS40c.DLL
    2003-07-11 03:25 80 448 PKMWS.DLL
    5 fichier(s) 1 659 186 octets
    4 Rép(s) 132 990 984 192 octets libres

    c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.6.2.9\iTunesSetupAdmin.exe
    c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiA.Exe
    c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiW.Exe
    c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\Setup.Exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{106F886B-A874-43DF-BCC4-01DB57E1F3C6}\IconTmpl5.26D6FF13_F77C_402E_8E96_9E49DFBBAF31.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{BF926BD5-83E9-417F-BC56-1AC181A13168}\_536116112E72EA037DAB09.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{BF926BD5-83E9-417F-BC56-1AC181A13168}\_EEC233493388189BD62877.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{BF926BD5-83E9-417F-BC56-1AC181A13168}\_F9EB7B44663D60860EBCFF.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{E52382DC-2E7A-439D-8ECE-A27D8B816645}\_18be6784.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{E52382DC-2E7A-439D-8ECE-A27D8B816645}\_294823.exe
    c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\Installer\{E52382DC-2E7A-439D-8ECE-A27D8B816645}\_4ae13d6c.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\antivir_workstation_winu_en_h.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\FsPassengers_setup0509.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\LimeWireWin.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\mbam-setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\message.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\OOo_2.4.0_Win32Intel_install_wJRE_fr.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\sgc3dsim_setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\trial_videodeluxe2008_fr.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\WindowsXPMediaCenter2005-KB900325-fr.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\wrar371fr.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\bus_driver_demo\busdriver_setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\dhdnetwork_0.2.0\dhdnetwork\dhdnetwork.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\DHDSF02\DHD Simulator Fusion.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\HMT\0xc0000135.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\HMT\HMT.v3.5\HaloMapTools.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Hospital_Tycoon_2007_Game\7z.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Hospital_Tycoon_2007_Game\HospitalTycoon.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Hospital_Tycoon_2007_Game\install.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Hospital_Tycoon_2007_Game\Uninstall.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Hospital_Tycoon_2007_Game\GameData\7z.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\message\message(faux messages d'erreurs).exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\MVD\MAGIX.Video.Deluxe.2008.PLUS.ISO.FR\Cerise\MAGIX Video deluxe 2008 PLUS.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\MVD\MAGIX.Video.Deluxe.2008.PLUS.ISO.FR\Patch\virtualdubplugins_packdebase_fr.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\OpenOffice.org 2.4 (fr) Installation Files\instmsia.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\OpenOffice.org 2.4 (fr) Installation Files\instmsiw.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\OpenOffice.org 2.4 (fr) Installation Files\setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\OpenOffice.org 2.4 (fr) Installation Files\java\jre-6u4-windows-i586-p.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\Proxomitron_4.5\Proxomitron v4.5.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\public_beta\Puplish_Beta\SGFP_Dial_Sim2004_Beta.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\catchme.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\cliptext.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\download.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\ERUNT.EXE
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\FixPath.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\grep.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\isadmin.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\LS.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\MD5File.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\Process.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\procs.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\psservice.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\RestartIt!.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\sc.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\sed.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\SF.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\shutdown.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\swreg.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\swsc.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\unzip.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\vfind.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\WINMSG.EXE
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\zip.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\Replace\regedit.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\Replace\W2K.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SDFix\apps\Replace\XP.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SGCSim_v5.1.0\setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\sgfp_sim_beta2\Puplish_Beta\SGFP_Dial_Sim2004_Beta.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\sgnetwork_1.0_setup\sgnetwork_1.0_setup.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\404Fix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\dumphive.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\exit.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\GenericRenosFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\HostsChk.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\IEDFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\Process.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\Reboot.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\restart.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\SmiUpdate.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\SrchSTS.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\swreg.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\swsc.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\swxcacls.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\UIFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\unzip.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\VACFix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\VCCLSID.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\SmitfraudFix\WS2Fix.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\Autres\snes9x-1.43-win32\snes9x.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\catchme.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\diff.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\dumphive.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\find2.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\Fport.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\grep.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\gzip.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\KProcCheck.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\LFiles.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\md5sums.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\pslist.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\sigcheck.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\streams.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\swreg.exe
    c:\Documents and Settings\HP_Administrateur\Bureau\DiagHelp\DiagHelp\tar.exe
    c:\Documents and Settings\HP_Administrateur\Local Settings\Temp\ins1.tmp\LDMClient.exe
    c:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\Appartement.3D.2006.Speciale.Edition.French.iSO-RESET\setup.exe
    c:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\Bus Driver (Crack for English version) working\Crack\busdriver.exe
    c:\Documents and Settings\HP_Administrateur\Mes documents\Down
  10. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    OK, here we go ;-)

    Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    and save it to your desktop and nowhere else!

    => /!\ Disconnect from the internet and close all your applications. /!\

    => /!\ Temporarily disable your protections (antivirus, firewall, antispyware), and only while ComboFix is in use. /!\

    => Double-click ComboFix.

    => /!\ Don't touch anything until the scan has finished. Careful: don't use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer. /!\

    => Wait until ComboFix has finished; a report will be created.

    => Re-enable your firewall, your antivirus, and your antispyware's real-time guard.

    => Copy/paste the report C:\ComboFix.txt

    => Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.

  11. Gingin_89 Posts 38 Status Member 4
     
    Here is the ComboFix report:

    ComboFix 08-06-20.4 - HP_Administrateur 2008-06-28 16:43:02.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.524 [GMT -4:00]
    Endroit: C:\Documents and Settings\HP_Administrateur\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\BM23932bc8.xml
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\AudPlaye.dll
    C:\WINDOWS\system32\ckdpedkt.ini
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\ocqnnwbq.ini
    C:\WINDOWS\system32\wglpsjrp.ini
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_poof

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-28 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-28 16:12 . 2008-06-28 16:12 1,024,903 --a------ C:\upload_moi_NOM-5A733FE684E.tar.gz
    2008-06-27 17:51 . 2008-06-27 17:51 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2008-06-27 16:59 . 2008-06-27 16:59 <REP> d-------- C:\WINDOWS\ERUNT
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Malwarebytes
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-27 16:54 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-27 16:54 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-27 16:53 . 2008-06-27 03:54 <REP> d-------- C:\SDFix
    2008-06-27 13:02 . 2008-06-27 13:02 104,448 --a------ C:\WINDOWS\system32\extbcgow.dll
    2008-06-27 13:02 . 2008-06-27 13:02 104,448 --a------ C:\WINDOWS\system32\dksoux.dll
    2008-06-27 13:00 . 2008-06-27 13:00 94,720 --a------ C:\WINDOWS\system32\aclsqhlw.dll
    2008-06-26 22:18 . 2008-06-26 22:46 <REP> d-------- C:\Program Files\Hotel Solitaire
    2008-06-26 22:11 . 2008-06-26 22:18 <REP> d-------- C:\Program Files\UberSoldier Demo
    2008-06-26 16:39 . 2008-06-26 16:39 107,008 --a------ C:\WINDOWS\system32\wgmgaqlm.dll
    2008-06-26 16:36 . 2008-06-26 16:36 95,232 --a------ C:\WINDOWS\system32\bnjxdoic.dll
    2008-06-26 11:47 . 2008-06-26 11:47 107,008 --a------ C:\WINDOWS\system32\hshyercg.dll
    2008-06-26 11:45 . 2008-06-26 11:45 95,232 --a------ C:\WINDOWS\system32\lbixvkxy.dll
    2008-06-26 09:13 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-06-26 09:13 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-06-26 09:13 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-06-26 09:13 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-06-26 09:13 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
    2008-06-26 09:13 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-06-26 09:13 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-06-26 09:13 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-06-25 10:32 . 2001-08-23 17:46 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
    2008-06-25 10:05 . 2008-06-25 10:05 107,520 --a------ C:\WINDOWS\system32\lwockxsw.dll
    2008-06-25 10:04 . 2008-06-25 10:04 95,232 --a------ C:\WINDOWS\system32\khoxxvoj.dll
    2008-06-24 22:03 . 2008-06-24 22:03 <REP> d-------- C:\Program Files\Avira
    2008-06-24 22:03 . 2008-06-25 10:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-24 20:06 . 2008-06-24 20:06 101,888 --a------ C:\WINDOWS\system32\ksbpiqfi.dll
    2008-06-22 14:15 . 2008-06-22 14:15 <REP> d-------- C:\Program Files\Abacus
    2008-06-21 13:04 . 2008-06-21 13:04 0 --a------ C:\WINDOWS\MusicEditor.INI
    2008-06-20 17:33 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
    2008-06-20 17:33 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
    2008-06-17 13:54 . 2008-06-17 13:54 <REP> d-------- C:\Program Files\DivX
    2008-06-17 12:57 . 2008-06-17 13:11 <REP> d-------- C:\Program Files\RapidCheck
    2008-06-17 11:32 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-06-17 11:32 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-06-17 11:32 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-06-16 16:59 . 2008-06-16 16:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-06-16 14:32 . 2008-06-16 14:32 <REP> d-------- C:\Program Files\Messenger Plus! Live
    2008-06-15 16:12 . 2008-06-15 18:00 <REP> d-------- C:\Halo CE Portable Edition By Am3n
    2008-06-15 15:38 . 2008-06-21 13:07 <REP> d-------- C:\Program Files\HHHT
    2008-06-14 16:11 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2008-06-14 16:11 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys
    2008-06-13 17:35 . 2008-06-13 17:35 <REP> d-------- C:\Program Files\LimeWire
    2008-06-11 16:11 . 2008-06-14 13:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 16:11 . 2008-06-14 13:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-07 17:17 . 2008-06-07 18:41 <REP> d-------- C:\Program Files\EA GAMES
    2008-06-07 17:17 . 2005-09-28 00:11 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
    2008-06-07 10:22 . 2008-06-07 10:23 <REP> d-------- C:\Program Files\BVE
    2008-06-05 19:29 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
    2008-06-05 08:20 . 2008-06-05 08:20 <REP> d-------- C:\Documents and Settings\Jocelyne 3 sur 5\Application Data\Search Settings
    2008-06-04 16:05 . 2008-06-04 16:05 <REP> d-------- C:\Program Files\Search Settings
    2008-06-04 16:05 . 2008-06-04 16:05 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Search Settings
    2008-06-04 16:04 . 1998-06-24 02:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
    2008-06-04 16:03 . 2008-06-04 16:09 <REP> d-------- C:\Program Files\Free Audio Pack
    2008-06-03 19:55 . 2008-06-03 19:55 <REP> d-------- C:\Program Files\Pixoria
    2008-06-03 19:41 . 2008-06-03 19:54 <REP> d-------- C:\Program Files\Yahoo!
    2008-05-29 19:56 . 2008-05-29 19:56 <REP> d-------- C:\Program Files\Windows XP Fun Pack
    2008-05-29 18:39 . 2008-05-29 18:39 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Jasc
    2008-05-29 18:35 . 2008-05-29 18:35 <REP> d-------- C:\Program Files\Jasc Software Inc

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-28 20:45 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\DNA
    2008-06-27 22:45 11,376 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2008-06-26 17:49 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-06-25 14:52 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\OpenOffice.org2
    2008-06-25 02:21 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-25 01:56 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Symantec
    2008-06-23 18:43 8,666 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
    2008-06-22 22:40 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\BitTorrent
    2008-06-21 20:33 --------- d-----w C:\Program Files\GameSpy Arcade
    2008-06-21 20:32 --------- d-----w C:\Program Files\Microsoft Games
    2008-06-21 17:07 --------- d-----w C:\Program Files\MAGIX
    2008-06-21 17:05 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\MAGIX
    2008-06-21 17:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\MAGIX
    2008-06-20 21:31 --------- d-----w C:\Program Files\Fichiers communs\MAGIX Shared
    2008-06-20 17:46 --------- d-----w C:\Program Files\Clue
    2008-06-20 16:39 2,954 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\SAS7_000.DAT
    2008-06-13 21:45 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\LimeWire
    2008-05-23 21:52 64,194 ----a-w C:\WINDOWS\BricoPackUninst.cmd
    2008-05-23 21:52 6,120 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-05-19 19:17 --------- d-----w C:\Program Files\Blender Foundation
    2008-05-18 21:49 --------- d-----w C:\Program Files\Enigma Software Group
    2008-05-18 19:51 --------- d-----w C:\Program Files\CCleaner
    2008-05-15 22:25 --------- d-----w C:\Program Files\mackoy
    2008-05-12 23:16 --------- d-----w C:\Program Files\Super_Adventure_Island
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-08 00:07 --------- d-----w C:\Program Files\OpenOffice.org 2.4
    2008-05-08 00:07 --------- d-----w C:\Program Files\Java
    2008-05-07 23:55 --------- d-----w C:\Program Files\Coffee Tycoon
    2008-05-06 23:54 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Uniblue
    2008-05-05 21:42 71,561 ----a-w C:\WINDOWS\unins000.exe
    2008-05-04 18:30 --------- d-----w C:\Program Files\BoontyGames
    2008-05-04 18:30 --------- d-----w C:\Program Files\Boonty
    2008-05-04 18:06 --------- d-----w C:\Program Files\ReflexiveArcade
    2008-05-02 23:51 --------- d-----w C:\Program Files\Fichiers communs\DirectX
    2008-04-28 21:36 1,146,906 ----a-w C:\WINDOWS\SCTUninstaller.exe
    2008-04-28 21:35 --------- d-----w C:\Program Files\Deep Silver
    2008-04-13 23:48 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE
    2008-04-13 23:48 253,952 ------w C:\WINDOWS\Setup1.exe
    .

    ------- Sigcheck -------

    2007-06-13 09:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 09:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-08-10 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2007-06-13 09:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7774a9d7-9ed2-492e-914e-578dbf6d3447}]
    2008-06-27 13:02 104448 --a------ C:\WINDOWS\system32\dksoux.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-13 22:33 68856]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-07 19:31 289088]
    "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-03-18 12:11 32768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 13:59 77824]
    "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 14:03 114688]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 02:35 49152]
    "HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 16:34 245760]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-10 20:50 253952]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-12 18:20 180269]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 00:12 49152]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-12-09 15:32 225280]
    "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 17:22 262144]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
    "DNS7reminder"="C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" [2007-03-19 09:20 259624]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15 221184]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
    "ccApp"="c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-21 16:29 58984]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSVideo1"= CSvidcap.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
    path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
    backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
    path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
    backup=C:\WINDOWS\pss\wkcalrem.LNKStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    --a------ 2008-02-12 10:06 262401 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    --a------ 2007-02-21 16:29 58984 c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-08-05 13:34 64512 C:\WINDOWS\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    --a------ 2005-02-16 16:15 221184 C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-03-18 12:11 32768 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
    --a------ 2005-12-07 10:26 489472 C:\Program Files\Logitech\Video\CameraAssistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
    --a------ 2005-12-07 10:33 73728 C:\Program Files\Logitech\Video\InstallHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
    --a------ 2005-01-07 18:07 61952 C:\WINDOWS\system32\HdAShCut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
    --a------ 2008-04-16 17:56 985440 C:\Program Files\Search Settings\SearchSettings.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
    --a------ 2005-01-24 05:56 544768 C:\WINDOWS\sm56hlpr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2008-03-13 17:02 100056 C:\PROGRA~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "VundoFixSvc"=3 (0x3)
    "Boonty Games"=3 (0x3)
    "AntiVirService"=2 (0x2)
    "AntiVirScheduler"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "FirewallDisableNotify"=dword:00000001
    "SerialNumber"="A109A-K13-3ZXD-BAP5-TE"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"=
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"=

    R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 06:08]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25ef40be-0f4c-11da-bf9b-806d6172696f}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-26 00:56:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-28 20:50:10 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-28 16:48:02
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1098 bytes hidden from API

    Scan terminé avec succès
    Les fichiers cachés: 1

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCEVTMGR.EXE
    C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ehome\ehrecvr.exe
    C:\WINDOWS\ehome\ehSched.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\symwsc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-28 16:54:14 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-28 20:54:09

    Pre-Run: 132,893,192,192 octets libres
    Post-Run: 133,338,722,304 octets libres

    299 --- E O F --- 2008-06-24 17:09:07
    0
  12. ep44 Posts: 7415 Status: Contributor 3
     
    Select this:

    registry::

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7774a9d7-9ed2-492e-914e-578dbf6d3447}]

    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

    File::
    C:\WINDOWS\system32\extbcgow.dll
    C:\WINDOWS\system32\dksoux.dll
    C:\WINDOWS\system32\aclsqhlw.dll
    C:\WINDOWS\system32\wgmgaqlm.dll
    C:\WINDOWS\system32\bnjxdoic.dll
    C:\WINDOWS\system32\hshyercg.dll
    C:\WINDOWS\system32\lwockxsw.dll
    C:\WINDOWS\system32\khoxxvoj.dll
    C:\WINDOWS\system32\ksbpiqfi.dll


    * Copy the selected text (CTRL+C).
    * Open Notepad (Programs > Accessories > Notepad).
    * Make sure Word Wrap is not checked in the Format menu.
    * Paste the copied text into Notepad (CTRL+V).
    * Save this file under the name CFScript.txt
    * Drag and drop this CFScript file onto the ComboFix.exe file, like this:
    http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
    * A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and confirm.
    * Wait while the scan runs. The desktop will disappear several times: this is normal!
    Do not touch anything until the scan has finished.
    * Once the scan is complete, a report will be displayed: post its contents.
    * If the file does not open, it is located here > C:\ComboFix.txt

    See you later
    0
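Added example (not part of the original posts and not ComboFix's own code): a Python triage script that parses the "Fichiers créés" listing of a ComboFix report and compares it with the `File::` block of a CFScript such as the one above. The selection heuristic (DLL directly in system32, name of 6 to 8 lowercase letters, identical created and modified timestamps) and all function names are assumptions made for this example; the helper does not state his criteria.

```python
import ntpath
import re

# Excerpt of lines from the "Fichiers créés" listing posted in this thread
# (layout: created . modified  size|<REP>  attributes  path).
SAMPLE_LOG = r"""
2008-06-27 17:51 . 2008-06-27 17:51 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-27 16:54 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-27 16:53 . 2008-06-27 03:54 <REP> d-------- C:\SDFix
2008-06-27 13:02 . 2008-06-27 13:02 104,448 --a------ C:\WINDOWS\system32\dksoux.dll
2008-06-26 11:45 . 2008-06-26 11:45 95,232 --a------ C:\WINDOWS\system32\lbixvkxy.dll
2008-06-25 10:32 . 2001-08-23 17:46 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-06-20 17:33 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-17 11:32 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
"""

# Shortened copy of the CFScript above (one registry line, two File:: paths).
SAMPLE_SCRIPT = r"""
registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

File::
C:\WINDOWS\system32\extbcgow.dll
C:\WINDOWS\system32\dksoux.dll
"""

LINE_RE = re.compile(
    r"^\s*(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+"
    r"(?P<size><REP>|[\d,]+)\s+"
    r"(?P<attrs>\S+)\s+"
    r"(?P<path>[A-Za-z]:\\.*)$"
)


def parse_created_files(text):
    """Return one dict per listing line; lines in any other layout are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        is_dir = m["size"] == "<REP>"  # <REP> marks a directory (French locale)
        entries.append({
            "created": m["created"],
            "modified": m["modified"],
            "is_dir": is_dir,
            "size": None if is_dir else int(m["size"].replace(",", "")),
            "path": m["path"].strip(),
        })
    return entries


def is_candidate(entry):
    """Assumed heuristic: flags a file for human review, not for deletion."""
    folder, name = ntpath.split(entry["path"])  # ntpath: Windows paths on any OS
    stem, ext = ntpath.splitext(name)
    return (
        not entry["is_dir"]
        and folder.lower() == r"c:\windows\system32"
        and ext.lower() == ".dll"
        and re.fullmatch(r"[a-z]{6,8}", stem) is not None
        and entry["created"] == entry["modified"]
    )


def script_file_paths(script):
    """Collect the lower-cased paths listed under the File:: directive."""
    paths, in_files = set(), False
    for line in script.splitlines():
        line = line.strip()
        if line.endswith("::"):  # a new directive starts (registry::, File::)
            in_files = line.lower() == "file::"
        elif in_files and line:
            paths.add(line.lower())
    return paths


def candidates_missing_from_script(log_text, script_text):
    """Paths that match the heuristic but are absent from the script."""
    listed = script_file_paths(script_text)
    return [
        e["path"] for e in parse_created_files(log_text)
        if is_candidate(e) and e["path"].lower() not in listed
    ]


if __name__ == "__main__":
    for path in candidates_missing_from_script(SAMPLE_LOG, SAMPLE_SCRIPT):
        print("review:", path)
```

On the excerpt it reports `C:\WINDOWS\system32\lbixvkxy.dll`, which matches the heuristic, is not in the posted `File::` list, and still appears in the listing of the report posted after the script was run.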
  13. Gingin_89 Posts: 38 Status: Member 4
     
    Here is the report:

    ComboFix 08-06-20.4 - HP_Administrateur 2008-06-28 17:27:32.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.535 [GMT -4:00]
    Endroit: C:\Documents and Settings\HP_Administrateur\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\HP_Administrateur\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    FILE ::
    C:\WINDOWS\system32\aclsqhlw.dll
    C:\WINDOWS\system32\bnjxdoic.dll
    C:\WINDOWS\system32\dksoux.dll
    C:\WINDOWS\system32\extbcgow.dll
    C:\WINDOWS\system32\hshyercg.dll
    C:\WINDOWS\system32\khoxxvoj.dll
    C:\WINDOWS\system32\ksbpiqfi.dll
    C:\WINDOWS\system32\lwockxsw.dll
    C:\WINDOWS\system32\wgmgaqlm.dll
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Sysdo.dll
    C:\WINDOWS\system32\aclsqhlw.dll
    C:\WINDOWS\system32\bnjxdoic.dll
    C:\WINDOWS\system32\dksoux.dll
    C:\WINDOWS\system32\extbcgow.dll
    C:\WINDOWS\system32\hshyercg.dll
    C:\WINDOWS\system32\khoxxvoj.dll
    C:\WINDOWS\system32\ksbpiqfi.dll
    C:\WINDOWS\system32\lwockxsw.dll
    C:\WINDOWS\system32\wgmgaqlm.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-28 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-28 16:12 . 2008-06-28 16:12 1,024,903 --a------ C:\upload_moi_NOM-5A733FE684E.tar.gz
    2008-06-27 17:51 . 2008-06-27 17:51 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2008-06-27 16:59 . 2008-06-27 16:59 <REP> d-------- C:\WINDOWS\ERUNT
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Malwarebytes
    2008-06-27 16:54 . 2008-06-27 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-27 16:54 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-27 16:54 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-27 16:53 . 2008-06-27 03:54 <REP> d-------- C:\SDFix
    2008-06-26 22:18 . 2008-06-26 22:46 <REP> d-------- C:\Program Files\Hotel Solitaire
    2008-06-26 22:11 . 2008-06-26 22:18 <REP> d-------- C:\Program Files\UberSoldier Demo
    2008-06-26 11:45 . 2008-06-26 11:45 95,232 --a------ C:\WINDOWS\system32\lbixvkxy.dll
    2008-06-26 09:13 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-06-26 09:13 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-06-26 09:13 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-06-26 09:13 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-06-26 09:13 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
    2008-06-26 09:13 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-06-26 09:13 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-06-26 09:13 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-06-25 10:32 . 2001-08-23 17:46 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
    2008-06-24 22:03 . 2008-06-24 22:03 <REP> d-------- C:\Program Files\Avira
    2008-06-24 22:03 . 2008-06-25 10:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-22 14:15 . 2008-06-22 14:15 <REP> d-------- C:\Program Files\Abacus
    2008-06-21 13:04 . 2008-06-21 13:04 0 --a------ C:\WINDOWS\MusicEditor.INI
    2008-06-20 17:33 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
    2008-06-20 17:33 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
    2008-06-17 13:54 . 2008-06-17 13:54 <REP> d-------- C:\Program Files\DivX
    2008-06-17 12:57 . 2008-06-17 13:11 <REP> d-------- C:\Program Files\RapidCheck
    2008-06-17 11:32 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-06-17 11:32 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-06-17 11:32 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-06-17 11:32 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-06-16 16:59 . 2008-06-16 16:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-06-16 14:32 . 2008-06-16 14:32 <REP> d-------- C:\Program Files\Messenger Plus! Live
    2008-06-15 16:12 . 2008-06-15 18:00 <REP> d-------- C:\Halo CE Portable Edition By Am3n
    2008-06-15 15:38 . 2008-06-21 13:07 <REP> d-------- C:\Program Files\HHHT
    2008-06-14 16:11 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2008-06-14 16:11 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys
    2008-06-13 17:35 . 2008-06-13 17:35 <REP> d-------- C:\Program Files\LimeWire
    2008-06-11 16:11 . 2008-06-14 13:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 16:11 . 2008-06-14 13:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-07 17:17 . 2008-06-07 18:41 <REP> d-------- C:\Program Files\EA GAMES
    2008-06-07 17:17 . 2005-09-28 00:11 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
    2008-06-07 10:22 . 2008-06-07 10:23 <REP> d-------- C:\Program Files\BVE
    2008-06-05 19:29 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
    2008-06-05 08:20 . 2008-06-05 08:20 <REP> d-------- C:\Documents and Settings\Jocelyne 3 sur 5\Application Data\Search Settings
    2008-06-04 16:05 . 2008-06-04 16:05 <REP> d-------- C:\Program Files\Search Settings
    2008-06-04 16:05 . 2008-06-04 16:05 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Search Settings
    2008-06-04 16:04 . 1998-06-24 02:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
    2008-06-04 16:03 . 2008-06-04 16:09 <REP> d-------- C:\Program Files\Free Audio Pack
    2008-06-03 19:55 . 2008-06-03 19:55 <REP> d-------- C:\Program Files\Pixoria
    2008-06-03 19:41 . 2008-06-03 19:54 <REP> d-------- C:\Program Files\Yahoo!
    2008-05-29 19:56 . 2008-05-29 19:56 <REP> d-------- C:\Program Files\Windows XP Fun Pack
    2008-05-29 18:39 . 2008-05-29 18:39 <REP> d-------- C:\Documents and Settings\HP_Administrateur\Application Data\Jasc
    2008-05-29 18:35 . 2008-05-29 18:35 <REP> d-------- C:\Program Files\Jasc Software Inc

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-28 21:37 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-06-28 21:27 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\DNA
    2008-06-28 21:10 --------- d-----w C:\Program Files\Google
    2008-06-27 22:45 11,376 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2008-06-26 13:20 4,514 ----a-w C:\WINDOWS\system32\tmp.reg
    2008-06-25 14:52 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\OpenOffice.org2
    2008-06-25 02:21 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-25 01:56 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Symantec
    2008-06-23 18:43 8,666 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\wklnhst.dat
    2008-06-22 22:40 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\BitTorrent
    2008-06-21 20:33 --------- d-----w C:\Program Files\GameSpy Arcade
    2008-06-21 20:32 --------- d-----w C:\Program Files\Microsoft Games
    2008-06-21 17:07 --------- d-----w C:\Program Files\MAGIX
    2008-06-21 17:05 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\MAGIX
    2008-06-21 17:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\MAGIX
    2008-06-20 21:31 --------- d-----w C:\Program Files\Fichiers communs\MAGIX Shared
    2008-06-20 17:46 --------- d-----w C:\Program Files\Clue
    2008-06-20 16:39 2,954 ----a-w C:\Documents and Settings\HP_Administrateur\Application Data\SAS7_000.DAT
    2008-06-19 21:00 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
    2008-06-13 21:45 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\LimeWire
    2008-05-23 21:52 64,194 ----a-w C:\WINDOWS\BricoPackUninst.cmd
    2008-05-23 21:52 6,120 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-05-23 21:52 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-05-23 21:52 219,648 ----a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
    2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-05-19 19:17 --------- d-----w C:\Program Files\Blender Foundation
    2008-05-18 21:49 --------- d-----w C:\Program Files\Enigma Software Group
    2008-05-18 21:26 24,576 ----a-w C:\WINDOWS\system32\VundoFixSVC.exe
    2008-05-18 19:51 --------- d-----w C:\Program Files\CCleaner
    2008-05-15 22:25 --------- d-----w C:\Program Files\mackoy
    2008-05-12 23:16 --------- d-----w C:\Program Files\Super_Adventure_Island
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-05-08 00:07 --------- d-----w C:\Program Files\OpenOffice.org 2.4
    2008-05-08 00:07 --------- d-----w C:\Program Files\Java
    2008-05-07 23:55 --------- d-----w C:\Program Files\Coffee Tycoon
    2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2008-05-06 23:54 --------- d-----w C:\Documents and Settings\HP_Administrateur\Application Data\Uniblue
    2008-05-05 21:42 71,561 ----a-w C:\WINDOWS\unins000.exe
    2008-05-04 23:57 202,240 ----a-w C:\WINDOWS\system32\Sprunk.scr
    2008-05-04 18:30 --------- d-----w C:\Program Files\BoontyGames
    2008-05-04 18:30 --------- d-----w C:\Program Files\Boonty
    2008-05-04 18:06 --------- d-----w C:\Program Files\ReflexiveArcade
    2008-05-02 23:51 --------- d-----w C:\Program Files\Fichiers communs\DirectX
    2008-04-28 21:36 1,146,906 ----a-w C:\WINDOWS\SCTUninstaller.exe
    2008-04-28 21:35 --------- d-----w C:\Program Files\Deep Silver
    2008-04-24 02:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-04-22 07:41 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-04-22 07:41 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-04-20 05:07 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-04-13 23:48 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE
    2008-04-13 23:48 253,952 ------w C:\WINDOWS\Setup1.exe
    .

    ------- Sigcheck -------

    2007-06-13 09:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 09:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-08-10 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2007-06-13 09:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
    .
    ((((((((((((((((((((((((((((( snapshot@2008-06-28_16.53.53.64 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-22 18:17:49 28,672 ----a-r C:\WINDOWS\Installer\{C1726B2C-DBE0-4C15-9A53-206D93DEB866}\_4710204E8C28_4C25_B250_F3466E8388E9.exe
    + 2008-06-28 21:03:29 28,672 ----a-r C:\WINDOWS\Installer\{C1726B2C-DBE0-4C15-9A53-206D93DEB866}\_4710204E8C28_4C25_B250_F3466E8388E9.exe
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-13 22:33 68856]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-07 19:31 289088]
    "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-03-18 12:11 32768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 13:59 77824]
    "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 14:03 114688]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 02:35 49152]
    "HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 16:34 245760]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-10 20:50 253952]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-12 18:20 180269]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 00:12 49152]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-12-09 15:32 225280]
    "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 17:22 262144]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
    "DNS7reminder"="C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" [2007-03-19 09:20 259624]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15 221184]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
    "ccApp"="c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-21 16:29 58984]

    C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\
    wkcalrem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2004-07-11 20:54:26 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-03-18 12:11:01 450560]
    Updates from HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [2008-03-12 18:37:49 36903]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSVideo1"= CSvidcap.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
    path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
    backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
    path=C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
    backup=C:\WINDOWS\pss\wkcalrem.LNKStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    --a------ 2008-02-12 10:06 262401 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    --a------ 2007-02-21 16:29 58984 c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-08-05 13:34 64512 C:\WINDOWS\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    --a------ 2005-02-16 16:15 221184 C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-03-18 12:11 32768 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
    --a------ 2005-12-07 10:26 489472 C:\Program Files\Logitech\Video\CameraAssistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
    --a------ 2005-12-07 10:33 73728 C:\Program Files\Logitech\Video\InstallHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
    --a------ 2005-01-07 18:07 61952 C:\WINDOWS\system32\HdAShCut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
    --a------ 2005-01-24 05:56 544768 C:\WINDOWS\sm56hlpr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2008-03-13 17:02 100056 C:\PROGRA~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "VundoFixSvc"=3 (0x3)
    "Boonty Games"=3 (0x3)
    "AntiVirService"=2 (0x2)
    "AntiVirScheduler"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "SerialNumber"="A109A-K13-3ZXD-BAP5-TE"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"=
    "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"=

    R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 06:08]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2008-03-29 15:42]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25ef40be-0f4c-11da-bf9b-806d6172696f}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-26 00:56:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-28 21:35:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-28 17:37:31
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-28 17:39:09
    ComboFix-quarantined-files.txt 2008-06-28 21:38:44
    ComboFix2.txt 2008-06-28 20:54:15

    Pre-Run: 133,270,671,360 octets libres
    Post-Run: 133,261,152,256 octets libres

    299 --- E O F --- 2008-06-24 17:09:07
    0
  14. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Run an online scan with BitDefender and paste the report

    https://www.bitdefender.com/toolbox/

    The scan must be run in Internet Explorer

    A tutorial:
    http://pageperso.aol.fr/rginformatique/mapage/defender.htm

    Then a new HijackThis report, please
    See you later
    0
  15. Gingin_89 Posts 38 Status Member 4
     
    Here is the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:48:52, on 2008-06-28
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\ALCWZRD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrateur\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: bw+0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    0
  16. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Hello

    how is your PC behaving?
    0
  17. Gingin_89 Posts 38 Status Member 4
     
    Well, I do believe that with all these steps, my PC is working properly again. No more windows, no more slowdowns. Thank you very much.
    0
  18. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    ok, wait a couple of days and if everything is fine, follow the steps below ;-)

    Close all running applications, then download ToolsCleaner2 to your Desktop.
    http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

    If you have no more problems

    You can remove all the software we used
    go to Add/Remove Programs and to Program Files
    to check

    then do this (IMPORTANT)

    * Disabling:
    Right-click "My Computer" > Properties > "System Restore" tab > check the box "Turn off System Restore on all drives"
    > Apply, wait until it shows "Turned off", then OK.

    * Enabling:
    Follow the same path; uncheck the box "Turn off System Restore on all drives"
    > Apply, wait until it shows "Monitoring" again, then OK. Restart the computer.

    Also remember to install your updates regularly

    Windows Update: ==> here => http://www.update.microsoft.com/windowsupdate/v6/default.aspx
    Java: ==> here => https://www.java.com/fr/download/

    These updates are very important for the security of your PC.

    Install only one firewall!!
    and of course only one antivirus

    Don't forget to regularly update your software before each scan.

    * You can also use these security programs

    Malwarebytes => It is a free anti-malware tool available in French; once it is installed you will need to run it periodically to check your PC.
    A tutorial for downloading and installing it => Here => http://www.swl1f.net/viewtopic.php?f=14&t=68

    Spyware Terminator => It is a free anti-spyware tool available in French. It works automatically thanks to its resident module, and you can schedule it to run a daily scan.
    A tutorial for downloading and installing it => Here => http://www.swl1f.net/viewtopic.php?f=14&t=66

    * Next, some advice
    Your PC can get infected in different ways; here, in a few lines, are several things to avoid. ==> here => http://www.swl1f.net/viewtopic.php?f=14&t=67

    * the browser

    Try the Firefox browser, safer/more secure than IE
    Firefox does not use the dangerous ActiveX protocol
    * Download: ==> Firefox => http://www.mozilla-europe.org/fr/products/firefox/
    * Tutorial for securing it: ==> here => https://forum.zebulon.fr/topic/69628-s%C3%A9curiser-un-peu-plus-firefox/

    Important
    Browsing the net with administrator rights makes you vulnerable, so you should use an account other than the administrator's


    * To give your PC back a bit of its youth
    * Remember to run a quick defragmentation.
    * Use CCleaner regularly.
    * Manage your services using these 2 links
    ==> here => http://speedweb1.free.fr/frames2.php?page=service3 and ==> here => http://speedweb1.free.fr/frames2.php?page=service4
    * Use Zeb Utility
    an application that requires no installation, to optimize your PC a bit. (thanks to our friend Zebulon)
    Download: ==> here ==> https://www.zebulon.fr/telechargements/utilitaires/optimisation/zeb-utility.html
    Tutorial: ==> here => https://www.zebulon.fr/dossiers/autres/58-zebutility.html

    And finally

    Report your infection to get its authors convicted.

    Create a post on Malware-Complaints to help move things forward; we need to be as many as possible, so report your infection

    - See the forum rules: ==> here => https://malwarecomplaints.info/
    - After registering using the button at the top named "Register"
    If you are over 13, choose: "I Agree to these terms and am over or exactly 13 years of age"
    If you are younger, click: "I Agree to these terms and am under 13 years of age"

    You then get, as a list, one topic per type of infection (Look2Me, Smitfraud, SpywareQuake etc.).

    * malwarecomplaints => https://malwarecomplaints.info/

    If the malware you had does not appear in the list, or if you don't know what you were infected with, create a post in the "Autres infections" (Other infections) topic
    in line with the forum rules (age, city, department etc.)

    Also mention the name of the forum that helped you: CCM

    * Tutorial => http://www.malekal.com/malwarecomplaints.html

    See you
    0
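
Added example, not part of the original thread and not HijackThis code: a small parser that collapses the repeated O18 protocol-handler lines of the log posted above into one row per CLSID and DLL, and groups the O23 services by vendor, so a long log can be reviewed at a glance. The field layout is inferred from the lines in this thread, and the names `parse_line` and `summarize` are hypothetical.

```python
import re
from collections import defaultdict

# Sample copied from the log in this thread (three O18 lines, three O23 lines).
SAMPLE = r"""
O18 - Protocol: bwo0 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1F1D25DD-1F3F-4D17-B80C-3DA6EA92E34C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
"""

ENTRY = re.compile(r"^\s*(O\d+) - (\w+): (.*\S)\s*$")


def parse_line(line):
    """Return a dict for an O18 or O23 line, or None for anything else."""
    m = ENTRY.match(line)
    if not m:
        return None
    section, _kind, body = m.groups()
    if section == "O18":
        # scheme - {CLSID} - handler DLL: split from the left, the path comes last.
        parts = body.split(" - ", 2)
        keys = ("name", "clsid", "path")
    elif section == "O23":
        # display name - vendor - binary: the display name may itself contain
        # " - ", so split from the right.
        parts = body.rsplit(" - ", 2)
        keys = ("name", "vendor", "path")
    else:
        return None
    if len(parts) != 3:
        return None
    return dict(zip(keys, parts), section=section)


def summarize(text):
    """Group O18 schemes by (CLSID, DLL) and O23 services by vendor."""
    handlers, services = defaultdict(list), defaultdict(list)
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        if entry["section"] == "O18":
            handlers[(entry["clsid"].upper(), entry["path"].lower())].append(entry["name"])
        else:
            services[entry["vendor"]].append(entry["name"])
    return dict(handlers), dict(services)
```

A single CLSID and DLL registered under many schemes, as in this log, then shows up as one row to review rather than dozens of near-identical lines.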