Vista Security Center out of order

Solved/Closed
ZeSly - Jul 11, 2008 at 20:20
ZeSly38 Posts: 1 Registration date: Saturday, July 12, 2008 Status: Member Last activity: July 12, 2008 - Jul 12, 2008 at 08:12
Hello,
This morning my computer's screen went completely blue (for the first time since I've had it)! I didn't have time to read any of the message (very long, by the way) before it restarted on its own.
Since then I can no longer connect to the internet; it tells me the network card is disabled but won't re-enable it;
the Security Center is shown as disabled (and it's impossible to re-enable it too);
Windows Defender is disabled (same as above);
my antivirus (Avira AntiVir Personal) is no longer recognized as a valid Win32 application, and on top of that I made the mistake of trying to uninstall it in order to reinstall it, but the uninstall got stuck right in the middle and I don't know what the result was;
I had a bootable antivirus CD burned that was supposed to be recent and up to date, but that's not the case and it found no virus (Kaspersky Rescue 2008, and I've just seen the ad for it right below the Add button :);

6 replies

I just tried to start my computer to make a HijackThis log, and I got a blue screen saying there was a problem during startup (that's all I had time to read), and now it is launching a startup repair tool and asking me whether I want to restore my system (which I already tried to do - I forgot to mention it - and which resulted in a message saying that the restore could not be completed because the restore point had been corrupted or deleted during the operation)

I'm waiting for it to finish before saying more...
0
OK, so here's the thing: I can't run a scan with Hijack! I re-downloaded it and then transferred it to my PC by CD-ROM (long live CD-RWs), but it still considers that it's not a valid Win32 application. Other programs work; only the security programs (antivirus, firewall, antispyware, ...) don't work! I don't know what to do any more! Someone help me, please!!
0
And here at last is a Hijack log; I had to rename it, as I read in another post! I also tried ComboFix, but it didn't work (an error in the install file, I didn't really understand...).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:03:21, on 11/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\wamp\wampmanager.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sly\Prog\Suite\MonJack.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://imp.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\PROGRA~1\SpeedBit Video Accelerator\proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www-cache.ujf-grenoble.fr:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P10 /q C:\Users\Sly\AppData\Local\Temp\hsperfdata_Sly.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P10 /q C:\Users\Sly\AppData\Local\Temp\hsperfdata_Sly.SH! (User 'Default user')
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.fofo-info.fr
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: BBCJD - Unknown owner - C:\Users\Sly\AppData\Local\Temp\BBCJD.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HOAJN - Sysinternals - www.sysinternals.com - C:\Users\Sly\AppData\Local\Temp\HOAJN.exe
O23 - Service: HXUZBJ - Unknown owner - C:\Users\Sly\AppData\Local\Temp\HXUZBJ.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: OBE - Unknown owner - C:\Users\Sly\AppData\Local\Temp\OBE.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
0
Here is the log file from the EliBagle v 11.60 software:

Fri Jul 11 23:49:22 2008
EliBagle v11.60 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle (rootkit)
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Eliminado Bagle.dldr

Fri Jul 11 23:49:31 2008
EliBagle v11.60 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Google\GoogleToolbarNotifier\GOOGLETOOLBARNOTIFIER.EXE --> Eliminado Bagle.dldr
C:\Windows\System32\drivers\MDELK.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios: 27188
Nº Total de Ficheros: 253550
Nº de Ficheros Analizados: 19974
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2

Fri Jul 11 23:58:51 2008
EliBagle v11.60 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Fri Jul 11 23:58:56 2008
EliBagle v11.60 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 27188
Nº Total de Ficheros: 253548
Nº de Ficheros Analizados: 19972
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sat Jul 12 00:00:28 2008
EliBagle v11.60 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 11 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad R:\

Nº Total de Directorios: 2708
Nº Total de Ficheros: 11114
Nº de Ficheros Analizados: 2107
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0


Sorry for dumping all this information in bulk, but while waiting for help I'm taking the opportunity to test everything I can get my hands on, and if it can make the task easier... (at least let's hope so)
0

And here is the ComboFix log (that's a lot of text to read):

ComboFix 08-07-11.1 - Sly 2008-07-12 1:47:59.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1177 [GMT 2:00]
Endroit: C:\Users\Sly\Desktop\anvitirus.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Sly\AppData\Roaming\urlredir.cfg
C:\Windows\system32\adssite-remove.exe
C:\Windows\system32\bbcebec_z.dll
C:\Windows\system32\drivers\downld
C:\Windows\system32\mysidesearch_sidebar_uninstall.exe
C:\Windows\system32\rightonadz-uninst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-11 to 2008-07-11 ))))))))))))))))))))))))))))))))))))
.

2008-07-11 20:52 . 2008-07-11 20:52 23 --a------ C:\Windows\System32\bacce_z.ocx
2008-07-11 20:51 . 2008-07-11 20:52 <REP> d-------- C:\Program Files\jv16 PowerTools 2008
2008-07-11 20:48 . 2008-07-11 20:48 <REP> d-------- C:\HiJackThis
2008-07-11 02:07 . 2008-07-11 02:07 <REP> d-------- C:\Users\All Users\WindowsSearch
2008-07-11 02:07 . 2008-07-11 02:07 <REP> d-------- C:\PROGRA~2\WindowsSearch
2008-07-11 00:50 . 2008-07-11 20:27 196,854,261 --a------ C:\Windows\MEMORY.DMP
2008-07-10 07:44 . 2008-07-10 07:44 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-07-10 03:46 . 2008-07-10 03:46 <REP> d-------- C:\Users\Sly\AppData\Roaming\Atari
2008-07-10 03:24 . 2008-07-10 03:24 <REP> d-------- C:\Program Files\Common Files\PocketSoft
2008-07-10 03:24 . 2002-02-27 18:50 197,120 --a------ C:\Windows\patchw32.dll
2008-07-10 03:17 . 2008-07-10 03:17 <REP> d-------- C:\Program Files\Atari
2008-07-09 03:21 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-09 03:21 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-09 03:21 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-09 00:52 . 2008-07-10 01:41 <REP> d-------- C:\Users\Sly\AppData\Roaming\SPORE Creature Creator
2008-07-07 07:20 . 2008-07-09 06:09 21,840 --a----t- C:\Windows\System32\SIntfNT.dll
2008-07-07 07:20 . 2008-07-09 06:09 17,212 --a----t- C:\Windows\System32\SIntf32.dll
2008-07-07 07:20 . 2008-07-09 06:09 12,067 --a----t- C:\Windows\System32\SIntf16.dll
2008-07-07 07:11 . 2008-07-07 07:11 <REP> d-------- C:\Program Files\Common Files\SWF Studio
2008-07-05 18:06 . 2008-07-05 18:06 <REP> d-------- C:\Program Files\Lionhead Studios
2008-07-04 03:09 . 2008-07-04 03:09 238 --a------ C:\Windows\RomeTW.ini
2008-07-04 02:44 . 2008-07-04 02:44 <REP> d-------- C:\Programmes
2008-07-03 00:41 . 2008-07-03 00:42 <REP> d-------- C:\Program Files\MagicISO
2008-07-02 18:26 . 2008-01-05 13:21 779,800 --a------ C:\Windows\System32\PresentationNative_v0300.dll
2008-07-02 18:26 . 2008-01-19 09:37 351,232 --a------ C:\Windows\System32\WSDApi.dll
2008-07-02 18:26 . 2008-01-05 13:21 350,744 --a------ C:\Windows\System32\PresentationHost.exe
2008-07-02 18:26 . 2008-01-05 13:21 106,520 --a------ C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2008-07-02 18:26 . 2008-01-19 09:37 60,928 --a------ C:\Windows\System32\WpdMtpUS.dll
2008-07-02 18:26 . 2008-01-19 08:04 39,936 --a------ C:\Windows\System32\drivers\WpdUsb.sys
2008-07-02 18:26 . 2008-01-05 13:21 33,304 --a------ C:\Windows\System32\PresentationHostProxy.dll
2008-07-02 18:26 . 2008-01-19 09:37 33,280 --a------ C:\Windows\System32\WpdConns.dll
2008-07-02 18:26 . 2008-01-05 13:21 28,672 --a------ C:\Windows\System32\TsWpfWrp.exe
2008-07-02 18:24 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-07-02 18:23 . 2008-01-19 07:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll
2008-07-02 18:22 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-07-02 18:19 . 2008-01-19 09:33 2,927,104 --a------ C:\Windows\explorer.exe
2008-07-02 18:18 . 2008-01-19 09:33 2,515,968 --a------ C:\Windows\System32\accessibilitycpl.dll
2008-07-02 18:17 . 2008-01-19 09:36 2,153,472 --a------ C:\Windows\System32\oobefldr.dll
2008-06-25 13:01 . 2008-06-25 13:01 <REP> d-------- C:\Program Files\Pcsx2
2008-06-25 12:40 . 2008-06-25 12:41 <REP> d-------- C:\HORAIRES
2008-06-25 12:40 . 2008-06-25 12:40 353 --a------ C:\Windows\horinfgl.ini
2008-06-19 12:01 . 2008-06-19 12:18 <REP> d-------- C:\Program Files\Call of Duty 4 - Modern Warfare
2008-06-13 20:56 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-13 20:56 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-13 20:56 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-13 20:56 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-13 20:56 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-13 20:56 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-11 07:26 . 2008-06-11 07:26 <REP> d-------- C:\Program Files\LaBoiteACouleurs

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-11 23:52 --------- d---a-w C:\PROGRA~2\TEMP
2008-07-11 23:52 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
2008-07-11 23:29 --------- d-----w C:\PROGRA~2\Roxio
2008-07-11 22:33 --------- d-----w C:\Users\Sly\AppData\Roaming\TeraCopy
2008-07-10 23:14 --------- d-----w C:\PROGRA~2\Avira
2008-07-10 22:54 --------- d-----w C:\Program Files\DAP
2008-07-10 20:41 --------- d-----w C:\Program Files\FileZilla FTP Client
2008-07-10 20:40 --------- d-----w C:\Users\Sly\AppData\Roaming\FileZilla
2008-07-10 05:42 27,145 ----a-w C:\Users\Sly\AppData\Roaming\nvModes.dat
2008-07-10 01:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-09 11:54 --------- d-----w C:\Program Files\Electronic Arts
2008-07-09 04:05 --------- d-----w C:\Program Files\TrackMania United
2008-07-09 01:25 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-07-09 01:10 --------- d-----w C:\Program Files\Windows Mail
2008-07-08 18:37 --------- d-----w C:\Program Files\eMule
2008-07-02 17:44 --------- d-----w C:\PROGRA~2\NVIDIA
2008-07-02 17:41 174 --sha-w C:\Program Files\desktop.ini
2008-07-02 17:24 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-02 17:24 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-02 17:24 --------- d-----w C:\Program Files\Windows Defender
2008-07-02 17:24 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-02 17:24 --------- d-----w C:\Program Files\Windows Calendar
2008-06-25 10:41 1,409 ----a-w C:\Windows\Fonts\SncfPre.fot
2008-06-25 10:41 1,409 ----a-w C:\Windows\Fonts\sncf09.fot
2008-06-08 20:32 --------- d-----w C:\Users\Sly\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium
2008-06-07 23:55 --------- d-----w C:\PROGRA~2\TrackMania
2008-06-07 20:28 --------- d-----w C:\Program Files\TmNationsForever
2008-06-07 19:18 --------- d-----w C:\Program Files\Sun
2008-06-07 19:18 --------- d-----w C:\Program Files\Java
2008-06-03 02:31 --------- d-----w C:\Users\Sly\AppData\Roaming\gtk-2.0
2008-06-01 19:02 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-06-01 18:58 --------- d-----w C:\Users\Sly\AppData\Roaming\OpenOffice.org2
2008-06-01 06:57 --------- d-----w C:\Users\Sly\AppData\Roaming\Notepad++
2008-05-30 23:54 --------- d-----w C:\Program Files\TmUnitedForever
2008-05-30 21:22 --------- d-----w C:\PROGRA~2\Firefly Studios
2008-05-30 21:16 --------- d-----w C:\PROGRA~2\Downloaded Installations
2008-05-30 21:09 --------- d-----w C:\Program Files\Microsoft Games
2008-05-30 20:42 --------- d-----w C:\Users\Sly\AppData\Roaming\MAGIX
2008-05-30 20:32 --------- d-----w C:\Program Files\ProtectDisc Driver Installer
2008-05-30 20:31 --------- d-----w C:\PROGRA~2\MAGIX
2008-05-30 20:29 --------- d-----w C:\Program Files\Common Files\MAGIX Shared
2008-05-29 14:18 --------- d-----w C:\Program Files\TeraCopy
2008-05-27 03:45 --------- d-----w C:\Users\Sly\AppData\Roaming\uTorrent
2008-05-27 03:30 --------- d-----w C:\Program Files\uTorrent
2008-05-25 19:50 --------- d-----w C:\Program Files\Google
2008-05-25 12:07 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-25 08:26 --------- d-----w C:\Users\Sly\AppData\Roaming\Auslogics
2008-05-25 08:26 --------- d-----w C:\Program Files\Auslogics
2008-05-24 23:42 --------- d-----w C:\Program Files\World of Warcraft
2008-05-21 13:19 --------- d-----w C:\Users\Sly\AppData\Roaming\AutoTransfer
2008-05-21 10:34 --------- d-----w C:\Program Files\CDex_170b2
2008-05-20 09:16 --------- d-----w C:\Program Files\Free Video Converter
2008-05-19 23:20 --------- d-----w C:\Users\Sly\AppData\Roaming\Bioshock
2008-04-08 21:17 492 ----a-w C:\Users\Sly\AppData\Roaming\wklnhst.dat
2008-02-28 11:06 22,328 ----a-w C:\Users\Sly\AppData\Roaming\PnkBstrK.sys
2008-01-29 06:44 76 --sh--r C:\Windows\CT4CET.bin
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 21:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 21:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-09-07 10:50 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-08-28 07:51 36864]
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 18:43 118784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-01-29 08:58 1838592]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 15:00 174872]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 03:18 366400]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" [2008-05-09 14:44 3053056]
"SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2008-05-09 14:47 2729584]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 11:23 202544]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 22:24 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 22:24 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-04 22:24 81920]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 22:24 86016]

C:\Users\Sly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
WampServer.lnk - C:\wamp\wampmanager.exe [2008-06-01 00:27:44 1152512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 21:46 90112 C:\Windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"VIDC.XVID"= xvid.dll
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
--a------ 2007-11-15 11:23 202544 C:\Program Files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
--a------ 2007-11-15 11:24 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2006-03-20 17:34 213936 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2006-03-20 17:34 86960 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
--a------ 2007-03-28 21:23 49168 C:\Program Files\Protector Suite QL\launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-05 19:58 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
--a------ 2006-11-05 13:22 221184 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3381276789-2524202392-855792527-1000]
"EnableNotificationsRef"=dword:00000005

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{12CBC8EC-8444-4B75-9388-312CC2A15359}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{2A5C3013-C0B2-4C8C-BAAF-7380AAE2E59E}"= C:\Program Files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{77A38236-C109-42FB-A033-2989C5F9DCD7}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{B1E8E014-7559-4CB2-9EAF-75527612BF09}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{A11B7889-A88B-4890-9C36-D82E0E579360}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"TCP Query User{3274CFA8-F702-4CF6-A930-228D7A0E6814}C:\\program files\\sslexplorer\\install-sslexplorer.exe"= UDP:C:\program files\sslexplorer\install-sslexplorer.exe:install-sslexplorer
"UDP Query User{8E455DBE-8762-4AA1-8BDD-9C83266392A9}C:\\program files\\sslexplorer\\install-sslexplorer.exe"= TCP:C:\program files\sslexplorer\install-sslexplorer.exe:install-sslexplorer
"{E938957D-B6FA-4241-815D-E6080E1D35CD}"= UDP:C:\Program Files\Cisco Systems\VPN Client\vpngui.exe:vpngui
"{FD4B7EBA-DB0A-49B5-84D3-33143393B2C3}"= TCP:C:\Program Files\Cisco Systems\VPN Client\vpngui.exe:vpngui
"{54516F8A-3D64-49D1-996C-26AD21B4D0A4}"= TCP:500:VPN
"{FA9BAE60-3068-47FB-992A-7A41465359C0}"= Profile=Private|C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{C4D9A6BC-7493-45FF-A908-588C0113687E}C:\\users\\sly\\prog\\stubinstaller.exe"= UDP:C:\users\sly\prog\stubinstaller.exe:stubinstaller.exe
"UDP Query User{1140A6C1-1C8D-4D10-BB16-0A61A9BCD323}C:\\users\\sly\\prog\\stubinstaller.exe"= TCP:C:\users\sly\prog\stubinstaller.exe:stubinstaller.exe
"TCP Query User{6D2B1511-F861-420D-BAAA-CEFACC9AD401}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{A8290B69-15A6-48F8-91A4-41F32CF58F01}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"{D97869C3-5EE3-492A-ADF7-4073114AC5BA}"= Profile=Private|C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{FC70EA4D-F5A5-4C12-B5FB-3ADA20DBAC8D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{3E3EEF1B-B8BF-4878-A6CF-40EE83034D14}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{47681B65-3C95-4DB7-AE6C-E12847B91FE0}C:\\program files\\sony\\station\\launchpad\\launchpad.exe"= UDP:C:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"UDP Query User{2164E1BF-0444-4C21-B489-7344D5247C1E}C:\\program files\\sony\\station\\launchpad\\launchpad.exe"= TCP:C:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"TCP Query User{0280BDAC-C2B8-4CD2-A4A5-785933962F79}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{579834C2-E0F1-43C8-80B9-DE8C3BAC6579}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{93999B17-F3F7-48B4-8287-1A83E83ECD17}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{08DE1E49-7347-4ACA-9B47-E9052E523A0A}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{E5F7E359-0752-41CF-AA8D-472F4746F866}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{9B925E52-21FC-4D08-A6C6-2F4FDA1FC0EF}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{7E93B602-5453-4DCB-BF8C-CC8C79F4B05B}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{0B82F973-F634-494E-B56B-EC62BCE875D2}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{E8787139-EC4E-48B0-BF55-77618EA0836C}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{67FB2A60-92FB-4D3B-94F7-8EF72B71AC68}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{C523BCA0-BCF6-45D0-9E6C-A65FDFEB4072}C:\\program files\\sony\\station\\launchpad\\launchpad.exe"= UDP:C:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"UDP Query User{868788CF-3FDF-4C0F-8A71-53E53F4595CB}C:\\program files\\sony\\station\\launchpad\\launchpad.exe"= TCP:C:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"{0CC54704-DDF6-4B8C-B993-6C3C905CD475}"= UDP:51258:emule
"TCP Query User{9E87A675-5E28-40F2-8C54-194A295628A0}C:\\users\\sly\\jeux\\wow\\wow.exe"= UDP:C:\users\sly\jeux\wow\wow.exe:wow.exe
"UDP Query User{DDC19660-8DCB-4E0D-9B40-39934C2BFFB6}C:\\users\\sly\\jeux\\wow\\wow.exe"= TCP:C:\users\sly\jeux\wow\wow.exe:wow.exe
"{B89C17BE-E92B-473A-BF86-4C1AC5F00A76}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{13E042FD-E9A0-4BE5-939C-8687807834B4}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{CBDCD393-B1FD-4D3C-9000-E8C1195BF1A5}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{C3798B57-996C-4A75-9020-0A2203F844D8}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{220F7806-C8E8-4379-A1F7-4F8198A6CFCA}C:\\users\\sly\\program files\\dna\\btdna.exe"= UDP:C:\users\sly\program files\dna\btdna.exe:btdna.exe
"UDP Query User{B901B0E5-B594-47D6-9271-E6CA48541889}C:\\users\\sly\\program files\\dna\\btdna.exe"= TCP:C:\users\sly\program files\dna\btdna.exe:btdna.exe
"TCP Query User{BDF4A13D-B8E7-4F1F-BEAB-D56DA1BCF547}C:\\users\\sly\\jeux\\wow\\burningcrusade.exe"= UDP:C:\users\sly\jeux\wow\burningcrusade.exe:burningcrusade.exe
"UDP Query User{0D907AEA-2CBB-4B80-9ED5-37450B2E9FFB}C:\\users\\sly\\jeux\\wow\\burningcrusade.exe"= TCP:C:\users\sly\jeux\wow\burningcrusade.exe:burningcrusade.exe
"TCP Query User{29A0DBE7-83F4-46EE-9455-0CA632978A5C}C:\\users\\sly\\program files\\dna\\btdna.exe"= UDP:C:\users\sly\program files\dna\btdna.exe:btdna.exe
"UDP Query User{FF838AAE-174F-4671-8D88-1F14E551EE6B}C:\\users\\sly\\program files\\dna\\btdna.exe"= TCP:C:\users\sly\program files\dna\btdna.exe:btdna.exe
"TCP Query User{CB59D7F2-B551-448E-9700-B9712A124274}C:\\users\\sly\\jeux\\wow\\wow.exe"= UDP:C:\users\sly\jeux\wow\wow.exe:wow.exe
"UDP Query User{E19135D9-14F9-41E2-A3DA-1753063BB863}C:\\users\\sly\\jeux\\wow\\wow.exe"= TCP:C:\users\sly\jeux\wow\wow.exe:wow.exe
"TCP Query User{0BACA980-39CD-4758-BD10-C51D37E07FF9}C:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"UDP Query User{88140150-C93A-4DDF-A5D7-3BA9CA5B6B15}C:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"TCP Query User{543B88E0-51F0-4C60-8676-488D840D4CDA}C:\\users\\sly\\jeux\\wow\\burningcrusade.exe"= UDP:C:\users\sly\jeux\wow\burningcrusade.exe:burningcrusade.exe
"UDP Query User{DFB234C8-6F14-4AC8-A442-DF1061697941}C:\\users\\sly\\jeux\\wow\\burningcrusade.exe"= TCP:C:\users\sly\jeux\wow\burningcrusade.exe:burningcrusade.exe
"TCP Query User{0678CBE0-F5CE-4366-B7A3-26D350428CA7}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{27831DE0-E1A4-409F-9B20-FE912AFF5FD7}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{233C7291-C2C1-48A4-90DD-68EECF088706}C:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"UDP Query User{22508FD9-7663-4CD7-BEEB-B82F704D17AD}C:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:C:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"{A52ADE78-84F7-4DA6-B508-2720BE541706}"= TCP:51268:Emule_UDP
"TCP Query User{EDE5AC9F-E5AA-4B82-B5D6-3F6E97EB1851}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"UDP Query User{17BED006-53B1-40DF-A475-A641D0F7F18A}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay
"{AA5D36A9-182E-4882-AC90-C4106BC02F6E}"= UDP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"{582A288C-7853-40F0-A735-9582A9BF1505}"= TCP:C:\Program Files\Microsoft Games\Gears of War\Binaries\WarGame-G4WLive.exe:Gears of War
"TCP Query User{A21531DB-2290-430E-833D-A69F61E9EE38}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"UDP Query User{25C16F6F-AD86-4AA6-B064-3BEFA2057FE8}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"TCP Query User{9DE93BCB-79D5-42EC-A318-EA6B86B30C59}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{43A53BCF-7F53-4FE8-AEAA-AD6260CA341F}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{93395C6B-0691-429A-8C70-EF05BD5DE8C6}C:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe"= UDP:C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe:Apache HTTP Server
"UDP Query User{635A69A4-2868-4DE5-B24B-9B73D007FCED}C:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe"= TCP:C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe:Apache HTTP Server
"{9135F487-7742-42C2-B3AE-7D8E6720E830}"= Disabled:UDP:0:LocalSubnet:LocalSubnet:Magix UPnP Media Server
"{F64D6BCC-CE4F-423C-81C8-4089E2FC87FE}"= UDP:2869:LocalSubnet:LocalSubnet:Microsoft UPnP-Port (TCP)
"{D276A276-B5DF-4586-9DA6-3FB3883DB96C}"= TCP:1900:LocalSubnet:LocalSubnet:Microsoft UPnP-Port (UDP)
"TCP Query User{CBFB834F-A97D-4ED3-8B3D-032E2D929810}C:\\program files\\tmnationsforever\\tmforever.exe"= UDP:C:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{EFFAE6E9-5E32-456F-879D-CBA21E03E9A1}C:\\program files\\tmnationsforever\\tmforever.exe"= TCP:C:\program files\tmnationsforever\tmforever.exe:TmForever
"{905E8423-1D68-4C9C-A873-FA2337576952}"= UDP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService
"{D3364DD3-FF53-460B-B406-3BAE49EC6233}"= TCP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService
"TCP Query User{6A7D0ED9-8A27-43D1-A2AB-403F8D350C3F}C:\\program files\\tmunitedforever\\tmforever.exe"= UDP:C:\program files\tmunitedforever\tmforever.exe:TmForever
"UDP Query User{A05578C1-0549-4139-B14C-ABD10723DC66}C:\\program files\\tmunitedforever\\tmforever.exe"= TCP:C:\program files\tmunitedforever\tmforever.exe:TmForever
"TCP Query User{E9E77DFF-CD3D-4E9E-AFB5-D243E636C2CA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{ABEF5131-1F96-42D7-8A5C-D1CBD75EC62C}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{948079C4-BA27-4CFE-84F3-01DFBD7084F4}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{1CE0B021-2B1D-4F0D-B64F-5D5CF6349FDD}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{8D16F181-780E-446E-9822-F0EAFFDE9BD6}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{70DA42EB-A773-4CEB-8CE9-852CC65A791A}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{C49B32BB-F1E1-4404-82AD-535B03074842}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{FFE53BCE-21AB-45D4-95C3-3971D4C4C6C3}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{1950BE82-1A02-47DB-8EE0-FB12D697AA20}"= Disabled:UDP:C:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{1D0E9804-F8E1-458C-8E02-E37BA91A0A11}"= Disabled:TCP:C:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{E1EA8A87-B4D6-4BAA-8FAA-1895B6829432}"= Disabled:UDP:C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe:Magix UPnP Service
"{C4CA24FE-ECFB-4311-9D95-17AC45E1D9F2}"= Disabled:TCP:C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe:Magix UPnP Service
"TCP Query User{8E60AEC5-BED1-4A4B-909F-0217C23232D6}C:\\program files\\c&c - renegade\\game.exe"= Disabled:UDP:C:\program files\c&c - renegade\game.exe:Renegade
"UDP Query User{43E8AA1B-D956-48C6-951A-26C48F9087F6}C:\\program files\\c&c - renegade\\game.exe"= Disabled:TCP:C:\program files\c&c - renegade\game.exe:Renegade
"TCP Query User{7D58270E-67C0-4B9B-AB78-14EFA52EE05D}C:\\westwood\\renegade\\game.exe"= Disabled:UDP:C:\westwood\renegade\game.exe:Renegade
"UDP Query User{DB42DB73-75DE-4372-9717-2240D32E66D2}C:\\westwood\\renegade\\game.exe"= Disabled:TCP:C:\westwood\renegade\game.exe:Renegade
"TCP Query User{736D535B-0EA6-4E07-B702-A67C230735B9}C:\\program files\\psygnosis\\rollcage\\direct3d\\rollcage.exe"= Disabled:UDP:C:\program files\psygnosis\rollcage\direct3d\rollcage.exe:Rollcage Main Game Executable
"UDP Query User{02E1B25B-B4F2-486D-B472-679A2E4CEF39}C:\\program files\\psygnosis\\rollcage\\direct3d\\rollcage.exe"= Disabled:TCP:C:\program files\psygnosis\rollcage\direct3d\rollcage.exe:Rollcage Main Game Executable
"TCP Query User{7813328C-3776-4E0B-A05A-126619E6A6E0}C:\\users\\sly\\prog\\teewars-0.3.4-win32\\teewars_srv.exe"= Disabled:UDP:C:\users\sly\prog\teewars-0.3.4-win32\teewars_srv.exe:teewars_srv.exe
"UDP Query User{3C6FDACC-2C23-414A-AE42-5A35A0F89210}C:\\users\\sly\\prog\\teewars-0.3.4-win32\\teewars_srv.exe"= Disabled:TCP:C:\users\sly\prog\teewars-0.3.4-win32\teewars_srv.exe:teewars_srv.exe
"TCP Query User{2B800E39-F94A-4B60-A10F-724DCA6E1C3B}C:\\program files\\unreal tournament\\system\\unrealtournament.exe"= Disabled:UDP:C:\program files\unreal tournament\system\unrealtournament.exe:UnrealTournament
"UDP Query User{0C505DD5-A85F-4C40-8A2F-DE91C39A0077}C:\\program files\\unreal tournament\\system\\unrealtournament.exe"= Disabled:TCP:C:\program files\unreal tournament\system\unrealtournament.exe:UnrealTournament
"{9BFF6113-A60A-46E4-B7BA-EC20C1935105}"= Disabled:C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{1410C470-9B22-44EA-9B91-31011C4CCD1D}"= Disabled:C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6F457777-4B4C-46FD-9377-8A37F0FEF45A}"= UDP:C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:VideoAccelerator
"{BCF87351-5A08-401C-93C6-D40646022199}"= TCP:C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:VideoAccelerator
"{C6BD35FF-3163-49BD-BE3B-9E11B17CA47F}"= UDP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService
"{8CD1B16E-C798-492A-B4FB-6DE8AB81A7F5}"= TCP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 acedrv09;acedrv09;C:\Windows\system32\drivers\acedrv09.sys [2007-06-18 15:10]
R2 acehlp09;acehlp09;C:\Windows\system32\drivers\acehlp09.sys [2007-05-30 18:54]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-12-03 06:27]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 12:43]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 18:03]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-28 07:51]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 10:51]
S3 BBCJD;BBCJD;C:\Users\Sly\AppData\Local\Temp\BBCJD.exe []
S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 03:37]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 01:13]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 01:13]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
S3 HOAJN;HOAJN;C:\Users\Sly\AppData\Local\Temp\HOAJN.exe []
S3 HXUZBJ;HXUZBJ;C:\Users\Sly\AppData\Local\Temp\HXUZBJ.exe []
S3 OBE;OBE;C:\Users\Sly\AppData\Local\Temp\OBE.exe []
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\Windows\system32\DRIVERS\sis163u.sys [2006-02-15 04:25]
S3 UPnPService;UPnPService;C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 17:00]
S4 iaNvStor;Intel(R) Turbo Memory Controller;C:\Windows\system32\drivers\ianvstor.sys [2007-09-07 11:27]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a79e1a54-272f-11dd-9293-0015c5859683}]
\shell\AutoRun\command - E:\AutoTransfer.exe

.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU-Default-RunOnce-DelayShred - c:\program files\mcafee\mshr\ShrCL.EXE
MSConfigStartUp-PCSuiteTrayApplication - C:\PROGRA~1\Nokia\Nokia PC Suite 6\LaunchApplication.exe
MSConfigStartUp-postSetupCheck - C:\Windows\system32\gzmrt.dll
MSConfigStartUp-Reminder - C:\Program Files\Microsoft Money\System\reminder.exe


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-12 01:52:33
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
C:\Windows\System32\PnkBstrA.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\System32\stacsv.exe
C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\cmd.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\ApntEx.exe
C:\Program Files\DellTPad\hidfind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-12 2:01:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-11 23:59:47

Pre-Run: 29,194,063,872 octets libres
Post-Run: 32,323,510,272 octets libres

383 --- E O F --- 2008-07-09 01:27:11

And finally, the latest HijackThis log to date (after everything I did above):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:03:49, on 12/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sly\Prog\Suite\MonJack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://imp.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\PROGRA~1\SpeedBit Video Accelerator\proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www-cache.ujf-grenoble.fr:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.fofo-info.fr
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: BBCJD - Unknown owner - C:\Users\Sly\AppData\Local\Temp\BBCJD.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HOAJN - Unknown owner - C:\Users\Sly\AppData\Local\Temp\HOAJN.exe (file missing)
O23 - Service: HXUZBJ - Unknown owner - C:\Users\Sly\AppData\Local\Temp\HXUZBJ.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: OBE - Unknown owner - C:\Users\Sly\AppData\Local\Temp\OBE.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
ZeSly38 - Posts: 1 - Registration date: Saturday 12 July 2008 - Status: Member - Last activity: 12 July 2008
12 Jul 2008 at 08:12
Well, after a few more tweaks, it looks like the problem is solved: everything works perfectly again. Windows Defender acted up, but apparently it has started running again. The only problem: the Security Center thinks my antivirus is Avast! and that it is operational and up to date, even though I uninstalled Avast more than 3 months ago when the trial version that came with the PC expired.
So it seems everything works! Thanks to everyone! (Even though the answers were not direct, I found all the information I needed in other posts, and that is more than enough given the quality of the help provided. Thanks again.)