Sujet Précédent Sujet Suivant

Fenetre qui s ouvre toute seule

lena91 Messages postés 27 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
Je ne m'y connais pas beaucoup en virus mais j ai des fenêtres qui s'ouvrent toute seules j'ai était voir dans msconfig pour décocher une application dans le démarrage et j ai toujours les fenêtres qui s'ouvre et cet utilitaire s'ouvre a chaque démarrage malgré avoir coché la case ne plus afficher ce message et j'ai Ad-Watch des que je le met en route me marque tentative de suppression d'une valeur du registre malgré que je bloque a chaque fois la valeur est msconfig si quelqu'un pouvais m'aider.

51 réponses

Précédent
Réponse 21 / 51
lena91 Messages postés 27 Statut Membre
 
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Unable to create WMI object.

Architecture: X86; Language: French

Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1022.73 MiB / 564.95 MiB
Pagefile Memory (total/avail): 1180.68 MiB / 838.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1919.68 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 97.65 GiB total, 66.61 GiB free.
D: is Fixed (NTFS) - 92.25 GiB total, 71.76 GiB free.
E: is CDROM (CDFS)

-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
UpdatesDisableNotify is set.
AntivirusOverride is set.
FirewallOverride is set.

Unable to create WMI object.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrateur\Application Data
CLASSPATH=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=URANIUMOFCOURSE
ComSpec=C:\WINDOWS\system32\cmd.exe
DEVMGR_SHOW_DETAILS=1
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrateur
LOGONSERVER=\\URANIUMOFCOURSE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Satsuki Decoder Pack\filtres\divers
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0303
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=URANIUMOFCOURSE
USERNAME=Administrateur
USERPROFILE=C:\Documents and Settings\Administrateur
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Administrateur [I](admin)/I

-- Add/Remove Programs ---------------------------------------------------------

--> C:\PROGRA~1\CLUB-I~1\LECOMP~1\Uninstall.exe TONLFR
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Free Solitaire --> D:\PROGRA~1\123FRE~1\UNWISE.EXE D:\PROGRA~1\123FRE~1\INSTALL.LOG
7000 Lettres et Courriers Types --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1AB93ECB-2985-4CA8-807A-913AF340ABE8}\SETUP.EXE" -l0x40c
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
Ad-aware SE - Traduction FR --> C:\Program Files\Lavasoft\Ad-Aware SE Professional\uninst-trad.exe
Ad-Aware SE Professional --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
adsl TV --> D:\Nouveau dossier (3)\Uninstal.exe
AnmanieSMP 2.4 i --> "D:\Documents and Settings\dossier de valerie\AnmSMP\unins000.exe"
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Barre d'outils Outlook de Windows Live (Windows Live Toolbar) --> MsiExec.exe /X{07E449E6-23A5-4011-90B0-3F5B06039EDB}
BitComet 0.61 --> "C:\WINDOWS\BitComet_Toolbar_Uninstaller_3078.exe" -hu _?=C:\Program Files\BitComet Toolbar
BitComet Toolbar --> "C:\WINDOWS\BitComet_Toolbar_Uninstaller_3078.exe" _?=C:\Program Files\BitComet Toolbar
Bloqueur de fenêtres pop-up (Windows Live Toolbar) --> MsiExec.exe /X{44A4B84F-FEBD-4E4D-BC1F-187AA501AE9D}
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Contrôle Parental --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93094D10-9388-11D4-9886-0000B43F396D}\Setup.exe" -l0x40c
Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{0542AC3C-963B-4176-8FFD-41029EFC95AA}
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
EPSON CardMonitor --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Copy Utility --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG
EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
EPSON Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C51957C2-F025-4FB3-B181-09131504A29D}\setup.exe" -l0x40c MyUninstall
EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON Scan --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0131B2-CF18-40D9-A331-60A3746C1204}\SETUP.EXE" -l0x40c UNINSTALL
EPSON Smart Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall
ESCX5400 Guide de référence --> C:\Program Files\EPSON\ESCX5400\REF_G\DOCUNINS.EXE
ESCX5400 Guide des logiciels --> C:\Program Files\EPSON\ESCX5400\PQU_G\DOCUNINS.EXE
ESCX5400 Guide du copieur --> C:\Program Files\EPSON\ESCX5400\COPY_G\DOCUNINS.EXE
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{469434A4-E972-4828-8288-1C1E721478D9}
FlashFXP v3 --> "C:\Program Files\FlashFXP\unins000.exe"
GIMP 2.4.6 --> "C:\Program Files\GIMP-2.0\setup\unins000.exe"
Gimp pour Windows --> "D:\\uninstall.exe"
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Haali Media Splitter --> "C:\Program Files\Satsuki Decoder Pack\filtres\haali\uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HTML Direct --> C:\WINDOWS\unin040c.exe -f"C:\Program Files\HTML Direct\DeIsL1.isu" -c"C:\Program Files\HTML Direct\_ISREG32.DLL"
iPuissance 4D --> D:\jeux\puissance 4\iPuissance 4D\Uninst.exe
Java 2 Runtime Environment, SE v1.4.2_05 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
K500i-F500i USB-Handset Manager --> C:\WINDOWS\USBK500iphmgunin.exe D:\Documents and Settings\dossier de valerie\K500i-F500i USB-Handset Manager\FileList.ini
Kaspersky Anti-Hacker --> "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\uninstall.exe"
Lanceur Club Internet v6 --> "C:\Program Files\Club-Internet\Lanceur\uninstall.exe"
LE COMPAGNON CLUB --> C:\WINDOWS\Motive\TONLFR\MCCUninst.exe
livebox --> C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{4A3C7929-C8E8-4679-8B45-E53BE636EAC9}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
MOTIX --> C:\WINDOWS\GPInstall.exe "/UNINST=D:\Documents and Settings\dossier de valerie\jeux\UnInst.log" "/APPNAME=MOTIX"
Mozilla Firefox (2.0.0.16) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mozilla Sunbird (0.8) --> C:\Program Files\Mozilla Sunbird\uninstall\uninst.exe
Navigation par onglets (Windows Live Toolbar) --> MsiExec.exe /X{5339D353-E45B-47F6-B9E3-CAD14CD0034E}
Navilog1 3.6.1 --> "C:\Program Files\Navilog1\unins000.exe"
Nero 6 Demo --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
O&O Defrag Professional Edition --> MsiExec.exe /I{53480520-7555-470E-8C69-750B0472B4BB}
OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
Outils Club Internet --> "C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
Pack Vista Inspirat 1.1 --> C:\WINDOWS\BricoPacks\Vista Inspirat\Remove.exe
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Photos numériques --> "D:\Program Files\Anuman Interactive\Photos numériques\uninstall.exe"
QuickTime --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD} /l1036
RallyCrossSolitaire --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Macallan Applications\RallyCrossSolitaire\Uninst.isu"
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Repertoire --> D:\Documents and Settings\dossier de valerie\Nouveau dossier (2)\Repertoire\uninstall.exe
Réussir ses CV et Lettres de Motivation --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64914710-F0F3-4E51-BFF7-145075A7F204}\SETUP.EXE" -l0x40c
Safety Bar --> "C:\Program Files\Safety Bar\Uninstall.bat" "C:\Program Files\Safety Bar"
Satsuki Decoder Pack --> C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
SecondLife (remove only) --> "D:\Documents and Settings\Mon dossier\loisirs\cuisine\pain\Nouveau dossier (3)\Nouveau dossier\SecondLife\uninst.exe" /P="SecondLife"
SecondLifeReleaseCandidate (remove only) --> "D:\Documents and Settings\Mon dossier\loisirs\cuisine\pain\Nouveau dossier (3)\SecondLifeReleaseCandidate\uninst.exe" /P="SecondLifeReleaseCandidate"
Slot Machine 98 v5.2 --> C:\WINDOWS\iun6002.exe "D:\Documents and Settings\dossier de valerie\photo1\irunin.ini"
SolSuite 2008 v8.6 --> "C:\Program Files\SolSuite\unins000.exe"
SuperCopier --> "C:\Program Files\SuperCopier\SCUninst.exe"
Système anti-virus AVG 7.1 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Tetris --> "D:\jeux\Tetris\unins000.exe"
TH Calculator --> D:\Documents and Settings\dossier de valerie\loisirs\cuisine\Uninstal.exe
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {E8A81E1F-665E-4F81-B04D-B6D164A8F360}
Windows Live Toolbar --> MsiExec.exe /X{E8A81E1F-665E-4F81-B04D-B6D164A8F360}
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
WinPatrol --> C:\WINDOWS\unin040c.exe -f"C:\Program Files\BillP Studios\WinPatrol\DeIsL1.isu" -c"C:\Program Files\BillP Studios\WinPatrol\_ISREG32.DLL"
ZTE ZXDSL852 --> "C:\Program Files\Zhongxing\ZTE ZXDSL852\setup.exe" -u

-- Application Event Log -------------------------------------------------------

Event Record #/Type15754 / Error
Event Submitted/Written: 07/22/2008 10:51:41 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.

Event Record #/Type15753 / Error
Event Submitted/Written: 07/22/2008 10:51:41 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.

Event Record #/Type15750 / Error
Event Submitted/Written: 07/22/2008 09:59:36 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.

Event Record #/Type15749 / Error
Event Submitted/Written: 07/22/2008 09:44:37 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.

Event Record #/Type15746 / Error
Event Submitted/Written: 07/22/2008 08:13:36 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type30387 / Error
Event Submitted/Written: 07/22/2008 11:00:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
La commande At96.job n'a pas pu démarrer du fait de l'erreur suivante :
%%2147942405

Event Record #/Type30386 / Error
Event Submitted/Written: 07/22/2008 11:00:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
La commande At72.job n'a pas pu démarrer du fait de l'erreur suivante :
%%2147942405

Event Record #/Type30385 / Error
Event Submitted/Written: 07/22/2008 11:00:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
La commande At48.job n'a pas pu démarrer du fait de l'erreur suivante :
%%2147942405

Event Record #/Type30384 / Error
Event Submitted/Written: 07/22/2008 11:00:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
La commande At24.job n'a pas pu démarrer du fait de l'erreur suivante :
%%2147942405

Event Record #/Type30383 / Error
Event Submitted/Written: 07/22/2008 11:00:00 PM
Event ID/Source: 7901 / Schedule
Event Description:
La commande At120.job n'a pas pu démarrer du fait de l'erreur suivante :
%%2147942405

-- End of Deckard's System Scanner: finished at 2008-07-22 23:37:13 ------------
0
Réponse 22 / 51
Utilisateur anonyme
 
J aimerais que tu fasse ceci stp :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\PROGRA~1\CONTRO~1\bin\optgu­i.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.
0
Réponse 23 / 51
lena91 Messages postés 27 Statut Membre
 
Fichier OPTGui.exe reçu le 2008.07.22 23:58:21 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.23.0 2008.07.22 -
AntiVir 7.8.1.11 2008.07.22 -
Authentium 5.1.0.4 2008.07.22 -
Avast 4.8.1195.0 2008.07.22 -
AVG 8.0.0.130 2008.07.22 -
BitDefender 7.2 2008.07.22 -
CAT-QuickHeal 9.50 2008.07.22 -
ClamAV 0.93.1 2008.07.22 -
DrWeb 4.44.0.09170 2008.07.22 -
eSafe 7.0.17.0 2008.07.22 -
eTrust-Vet 31.6.5975 2008.07.22 -
Ewido 4.0 2008.07.22 -
F-Prot 4.4.4.56 2008.07.22 -
F-Secure 7.60.13501.0 2008.07.22 -
Fortinet 3.14.0.0 2008.07.22 -
GData 2.0.7306.1023 2008.07.22 -
Ikarus T3.1.1.34.0 2008.07.22 -
Kaspersky 7.0.0.125 2008.07.22 -
McAfee 5344 2008.07.22 -
Microsoft 1.3704 2008.07.22 -
NOD32v2 3289 2008.07.22 -
Norman 5.80.02 2008.07.22 -
Panda 9.0.0.4 2008.07.22 -
PCTools 4.4.2.0 2008.07.22 -
Prevx1 V2 2008.07.22 -
Rising 20.54.12.00 2008.07.22 -
Sophos 4.31.0 2008.07.22 -
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.22 -
TheHacker 6.2.96.385 2008.07.20 -
TrendMicro 8.700.0.1004 2008.07.22 -
VBA32 3.12.8.1 2008.07.22 suspected of Win32.BrokenEmbeddedSignature (paranoid heuristics)
VirusBuster 4.5.11.0 2008.07.22 -
Webwasher-Gateway 6.6.2 2008.07.22 -
Information additionnelle
File size: 404536 bytes
MD5...: 85664b8ccde8ba4b9abcdf783b2dd532
SHA1..: d09791269ce0264d7134b9a2a573995a276d3103
SHA256: 88a8ef5475f4eba1d8e8179171fb765c478244610412eeb25e5b3a0d21944026
SHA512: f8d378976454fa9dff1b1e0370f8ee5ddaa2d1d6eb8ace39761f3350383d284b<br>9e245442a81565db038e5fbf7ad3ac95c1cf9eaaf980aafb16d60782ee90126a
PEiD..: Armadillo v1.71
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x41b669<br>timedatestamp.....: 0x4588ff07 (Wed Dec 20 09:14:47 2006)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x3d100 0x3e000 6.60 3e8624a3c0cc554465b2f9ffc07330e1<br>.rdata 0x3f000 0x9760 0xa000 4.22 1b1ff445537cf6944ef3be225ede2ebd<br>.data 0x49000 0xe379 0x9000 4.22 2357d4878fbbbb0615b0ede4bf1a868c<br>.rsrc 0x58000 0x9ef8 0xa000 2.93 b1580794360a871a47fac63ca8a6d787<br><br>( 7 imports ) <br>> KERNEL32.dll: DeleteFileA, MoveFileA, SetEndOfFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, GetOEMCP, GetCPInfo, GlobalFlags, lstrcmpA, GetProcessVersion, GlobalGetAtomNameA, lstrcmpiA, GlobalFindAtomA, GlobalDeleteAtom, GetVersion, GetCurrentThreadId, TlsGetValue, LocalReAlloc, TlsSetValue, GlobalAlloc, GlobalReAlloc, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, TlsAlloc, LocalFree, LocalAlloc, lstrcpynA, GetModuleFileNameA, lstrcatA, SetErrorMode, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, ReleaseMutex, SetEvent, UnmapViewOfFile, CreateFileMappingA, OpenFileMappingA, MapViewOfFile, OpenMutexA, GetVersionExA, GetFileAttributesA, RtlUnwind, RaiseException, ExitProcess, HeapReAlloc, GetFileType, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetStartupInfoA, ExitThread, HeapSize, GetACP, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, SetHandleCount, GetStdHandle, SetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, LeaveCriticalSection, IsBadCodePtr, IsValidLocale, IsValidCodePage, GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, GetLocaleInfoW, CompareStringA, CompareStringW, SetEnvironmentVariableA, InterlockedExchange, WideCharToMultiByte, lstrlenA, lstrcpyA, DeleteAtom, GlobalAddAtomA, CreateEventA, CreateMutexA, GetCommandLineA, GetWindowsDirectoryA, DeleteCriticalSection, InitializeCriticalSection, LoadLibraryA, CreateThread, OpenEventA, ResetEvent, WaitForSingleObject, TerminateProcess, Sleep, CreateProcessA, GetProcessHeap, HeapAlloc, HeapFree, GetModuleHandleA, GetProcAddress, FreeLibrary, CloseHandle, GetLastError, SetLastError, EnterCriticalSection<br>> SHELL32.dll: ShellExecuteA, Shell_NotifyIconA, ShellExecuteExA<br>> USER32.dll: GrayStringA, DrawTextA, TabbedTextOutA, ClientToScreen, PtInRect, GetClassNameA, GetSysColorBrush, MapWindowPoints, GetSysColor, AdjustWindowRectEx, CopyRect, GetTopWindow, GetCapture, WinHelpA, GetClassInfoA, GetMenu, GetMenuItemCount, GetMenuItemID, GetWindowTextA, GetDlgCtrlID, GetClassLongA, GetMessageTime, GetMessagePos, GetForegroundWindow, GetWindow, SetWindowPos, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetSystemMetrics, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetLastActivePopup, IsWindowEnabled, EnableWindow, GetKeyState, CallNextHookEx, PeekMessageA, SetWindowsHookExA, LoadStringA, UnhookWindowsHookEx, PostMessageA, LoadCursorA, SetCursor, GetWindowRect, ScreenToClient, GetDC, DrawFocusRect, ReleaseDC, InvalidateRect, GetClientRect, ReleaseCapture, SetCapture, GetPropA, CallWindowProcA, RemovePropA, GetParent, SetWindowLongA, GetWindowLongA, SetPropA, SendMessageA, RegisterWindowMessageA, DestroyWindow, PostQuitMessage, DefWindowProcA, RegisterClassA, CreateWindowExA, GetMessageA, DispatchMessageA, FindWindowExA, LoadMenuA, RemoveMenu, GetSubMenu, GetCursorPos, TrackPopupMenu, DestroyMenu, ModifyMenuA, LoadIconA, DestroyIcon, DialogBoxParamA, ShowWindow, SetForegroundWindow, SendDlgItemMessageA, SetTimer, GetDlgItemTextA, SetDlgItemTextA, GetDlgItem, SetFocus, SetWindowTextA, MessageBoxA, EndDialog, SetMenuItemBitmaps<br>> GDI32.dll: ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetDeviceCaps, SetBkColor, GetClipBox, CreateBitmap, GetObjectA, CreateFontIndirectA, DeleteObject, SetTextColor, PtVisible, RectVisible, TextOutA, ExtTextOutA, SetMapMode, Escape<br>> WINSPOOL.DRV: DocumentPropertiesA, ClosePrinter, OpenPrinterA<br>> ADVAPI32.dll: InitializeAcl, AllocateAndInitializeSid, FreeSid, RegCreateKeyExA, RegSetValueExA, GetUserNameA, AddAccessAllowedAce, InitializeSecurityDescriptor, RegCloseKey, SetSecurityDescriptorDacl, GetLengthSid, RegOpenKeyExA, RegQueryValueExA<br>> COMCTL32.dll: -<br><br>( 0 exports ) <br>
0
Réponse 24 / 51
Utilisateur anonyme
 
ok un dernier :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\uixzusll.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 51
lena91 Messages postés 27 Statut Membre
 
je trouve pas le dossier uixzsll dans systeme32 ni ailleurs d'ailleurs
0
Réponse 26 / 51
Utilisateur anonyme
 
va dans poste de travail
entre dans le disque C
entre dans le dossier windows
entre dans le dossier system32
cherche le fichier : uixzusll.exe

il est possible que l extension .exe ne soit pas visible et envoi le sur virus total

ps : il est present c est sur
0
Réponse 27 / 51
lena91 Messages postés 27 Statut Membre
 
non meme en le cherchant comme ça je le trouve pas
0
Réponse 28 / 51
Utilisateur anonyme
 
Copie le texte ci-dessous :

File::
C:\WINDOWS\mozver.dat
C:\WINDOWS\system32\PTDq346B.exe
C:\WINDOWS\system32\yosdjh.dll
c:\documents and settings\administrateur\local settings\application data\hztmgyzl.exe
C:\WINDOWS\system32\uixzusll.exe

Folder::
c:\program files\fichiers communs\boonty shared
C:\Program Files\Navilog1
C:\Documents and Settings\All Users\Application Data\SweetIM
C:\Program Files\Fun Web Products
C:\Program Files\Panda Security
C:\Program Files\Boonty
C:\PROGRA~1\MYWEBS~1

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Run]
"awotlwda"=-
"SecureWeb"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion­\Run]
"hztmgyzl"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\ShellServiceObjectDelayLoad]
"anatolian"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]

Driver::
Boonty Games

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

0
Réponse 29 / 51
lena91 Messages postés 27 Statut Membre
 
ComboFix 08-07-21.2 - Administrateur 2008-07-23 1:39:32.2 - NTFSx86

Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: D:\recette\CFScript.txt

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
c:\documents and settings\administrateur\local settings\application data\hztmgyzl.exe
C:\WINDOWS\mozver.dat
C:\WINDOWS\system32\PTDq346B.exe
C:\WINDOWS\system32\uixzusll.exe
C:\WINDOWS\system32\yosdjh.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\SweetIM
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\emoticons_shortcut.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\lastuse_Audibles.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\lastuse_DisplayPictures.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\lastuse_Emoticons.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\lastuse_Winks.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\user_config.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\main_user_config.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\emoticons_shortcut.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\@msn.com\user_config.xml
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00010814.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0001081A.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00010850.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0001086C.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0001088C.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00010890.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00010892.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000108A9.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000108F2.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000108FB.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0001090D.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00020112.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00020185.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000201CC.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000202AA.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000202B8.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0003009F.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000300A0.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000300A1.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000300A2.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000300A3.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0004002B.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0004003C.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\0004003E.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000400A3.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00050005.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000600C9.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000600DD.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000601B4.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000601E2.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000601E6.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000601EA.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\000601EB.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\00080014.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\010108A7.dat
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\cache_indx.dat
C:\Program Files\Boonty
c:\program files\fichiers communs\boonty shared
c:\program files\fichiers communs\boonty shared\Service\Boonty.exe
C:\Program Files\Fun Web Products
C:\Program Files\Fun Web Products\MSNMessenger\MSNBackgrounds\0094BA28.jpeg
C:\Program Files\Fun Web Products\MSNMessenger\MSNBackgrounds\00A784C4.jpeg
C:\Program Files\Fun Web Products\MSNMessenger\MSNBackgrounds\00B1C2B6.jpeg
C:\Program Files\Fun Web Products\MSNMessenger\MSNBackgrounds\00B3174A.jpeg
C:\Program Files\Navilog1
C:\Program Files\Navilog1\Backupnavi\gesyqes.dat
C:\Program Files\Navilog1\Backupnavi\gesyqes.exe
C:\Program Files\Navilog1\Backupnavi\gesyqes_nav.dat
C:\Program Files\Navilog1\Backupnavi\gesyqes_navps.dat
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Navilog1\Contents\Filess.bat
C:\Program Files\Navilog1\Contents\Folders.bat
C:\Program Files\Navilog1\Contents\Folderss.bat
C:\Program Files\Navilog1\Contents\Gnc2.bat
C:\Program Files\Navilog1\Contents\Gnc2su.bat
C:\Program Files\Navilog1\Contents\Gncs.bat
C:\Program Files\Navilog1\Contents\Gncssfil.bat
C:\Program Files\Navilog1\Contents\Heurs.bat
C:\Program Files\Navilog1\Contents\Heurss.bat
C:\Program Files\Navilog1\Contents\Orphus.bat
C:\Program Files\Navilog1\Contents\Wlist.bat
C:\Program Files\Navilog1\GetPaths.exe
C:\Program Files\Navilog1\navilog1.bat
C:\Program Files\Navilog1\Navreb.bat
C:\Program Files\Navilog1\oem2ansi.exe
C:\Program Files\Navilog1\Orph.reg
C:\Program Files\Navilog1\Process.exe
C:\Program Files\Navilog1\Reboot.exe
C:\Program Files\Navilog1\reg.exe
C:\Program Files\Navilog1\regnavi.reg
C:\Program Files\Navilog1\Safebackup\backup_registry.dat
C:\Program Files\Navilog1\Safebackup\HKCU_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Arpcache.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Startupreg.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Uninstall.reg
C:\Program Files\Navilog1\traite.bat
C:\Program Files\Navilog1\traite2.bat
C:\Program Files\Navilog1\traite3.bat
C:\Program Files\Navilog1\unins000.dat
C:\Program Files\Navilog1\unins000.exe
C:\Program Files\Panda Security
C:\Program Files\Panda Security\ActiveScan 2.0\apicr.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2auditor.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2data.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2guiie.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2inst.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2scanner.dll
C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
C:\Program Files\Panda Security\ActiveScan 2.0\asmdat.dll
C:\Program Files\Panda Security\ActiveScan 2.0\avdetect.ini
C:\Program Files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2KRN_DATA
C:\Program Files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM
C:\Program Files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM2
C:\Program Files\Panda Security\ActiveScan 2.0\firewalldetect.ini
C:\Program Files\Panda Security\ActiveScan 2.0\kreexent.dll
C:\Program Files\Panda Security\ActiveScan 2.0\libcomm.dll
C:\Program Files\Panda Security\ActiveScan 2.0\libxml2.dll
C:\Program Files\Panda Security\ActiveScan 2.0\mapvfile.dll
C:\Program Files\Panda Security\ActiveScan 2.0\memvfile.dll
C:\Program Files\Panda Security\ActiveScan 2.0\minicrypto.dll
C:\Program Files\Panda Security\ActiveScan 2.0\msvcr71.dll
C:\Program Files\Panda Security\ActiveScan 2.0\nanocache.fil2
C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pav.sig
C:\Program Files\Panda Security\ActiveScan 2.0\pavboot.sys
C:\Program Files\Panda Security\ActiveScan 2.0\pavboot64.sys
C:\Program Files\Panda Security\ActiveScan 2.0\pavexcom.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pavoe.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pavsddl.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pavvt.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pavvts.dat
C:\Program Files\Panda Security\ActiveScan 2.0\pskads.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskahk.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskalloc.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskas.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskavs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskcmp.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskfss.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskhtml.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskmdfs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskmfs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psknc.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskpack.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskqhs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskscs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskutil.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskvfile.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskvfs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pskvm.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnden.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psndsk.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnengav.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnengav.nsc
C:\Program Files\Panda Security\ActiveScan 2.0\psnfc.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnglkntex.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnhsh.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnkrnl.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psnxprs.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psqmgr.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF
C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext
C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\PSQ.CFG
C:\Program Files\Panda Security\ActiveScan 2.0\pssarf.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psscan.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psscoms.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psscpu.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pssdet.dll
C:\Program Files\Panda Security\ActiveScan 2.0\psspa.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pssqem.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pssuts.dll
C:\Program Files\Panda Security\ActiveScan 2.0\pssyschk.dll
C:\Program Files\Panda Security\ActiveScan 2.0\putczip.dll
C:\Program Files\Panda Security\ActiveScan 2.0\rkpavproc.sys
C:\Program Files\Panda Security\ActiveScan 2.0\rkpavproc64.sys
C:\Program Files\Panda Security\ActiveScan 2.0\scremlsp.exe
C:\Program Files\Panda Security\ActiveScan 2.0\vplatdis.dll
C:\Program Files\Panda Security\ActiveScan 2.0\vplatprc.dll
C:\WINDOWS\mozver.dat
.
---- Previous Run -------
.
C:\bold.log
C:\Documents and Settings\Administrateur\Application Data\FunWebProducts
C:\Documents and Settings\Administrateur\Application Data\FunWebProducts\Data\Administrateur\avatar.dat
C:\dup2.exe
C:\Program Files\safety bar
C:\Program Files\safety bar\Uninstall.bat
C:\WINDOWS\msettings.ini
C:\WINDOWS\system\svchest.reg
C:\WINDOWS\system32\components
C:\WINDOWS\system32\components\flx0.dll
C:\WINDOWS\system32\components\flx1.dll
C:\WINDOWS\system32\components\flx2.dll
C:\WINDOWS\system32\components\flx6.dll
C:\WINDOWS\system32\components\flx9.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSUPDATE
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-22 to 2008-07-22 ))))))))))))))))))))))))))))))))))))
.

2008-07-22 23:35 . 2008-07-22 23:35 <REP> d-------- C:\Deckard
2008-07-22 22:51 . 2008-07-22 22:51 <REP> d-------- C:\WINDOWS\system32\xircom
2008-07-22 22:51 . 2008-07-22 22:51 <REP> d-------- C:\Program Files\microsoft frontpage
2008-07-22 21:03 . 2008-07-22 21:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-22 21:03 . 2008-07-22 21:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-22 21:03 . 2008-07-22 21:03 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-07-22 21:03 . 2008-07-20 20:21 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-22 21:03 . 2008-07-20 20:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-22 18:26 . 2008-07-22 18:26 <REP> d-------- C:\Program Files\Trend Micro
2008-07-21 22:17 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-07-13 13:13 . 2008-07-13 18:51 <REP> d-------- C:\Program Files\Mozilla Sunbird
2008-07-11 22:18 . 2008-07-11 22:18 24 --a------ C:\url_history.xml
2008-07-10 22:56 . 2008-07-10 22:57 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Corel
2008-07-10 22:56 . 2008-07-10 22:56 952 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-10 22:54 . 2008-07-10 22:58 <REP> d-------- C:\Program Files\Fichiers communs\Corel
2008-07-10 22:54 . 2008-07-10 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-07-02 16:52 . 2008-07-02 16:52 <REP> d-------- C:\Program Files\SolSuite
2008-07-02 16:52 . 2008-07-02 16:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TreeCardGames
2008-07-02 16:52 . 2008-07-02 17:03 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\SolSuite
2008-06-29 18:06 . 2008-06-29 19:40 <REP> d-------- C:\Program Files\GIMP-2.0
2008-06-29 18:00 . 2008-06-29 18:24 <REP> d-------- C:\Documents and Settings\Administrateur\.thumbnails
2008-06-25 17:03 . 2008-06-25 17:03 <REP> d-------- C:\Program Files\Macallan Applications
2008-06-23 19:17 . 2008-06-23 19:17 <REP> d-------- C:\Program Files\Controle Parental
2008-06-23 19:17 . 2006-02-08 18:30 8,464 --------- C:\WINDOWS\sporder.dll
2008-06-23 19:17 . 2006-11-08 12:46 3,224 --------- C:\WINDOWS\sporder.zip

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-22 22:01 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\AVG7
2008-07-18 13:38 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\gtk-2.0
2008-06-23 17:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-20 23:18 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\MSN6
2008-06-16 15:17 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\SecondLife
2008-06-16 14:05 --------- d-----w C:\Program Files\SAGEM
2008-06-16 14:05 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\InstallShield
2008-06-16 14:04 --------- d-----w C:\Program Files\Securitoo
2008-06-08 08:54 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\123 Free Solitaire
2008-05-31 02:44 --------- d-----w C:\Program Files\Google
2008-05-22 17:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\iWin Games
2008-05-22 17:06 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\iWinArcade
2007-07-10 11:15 0 ----a-w C:\Documents and Settings\Administrateur\512k.dat
2006-08-17 15:22 81,920 ----a-w C:\Documents and Settings\Administrateur\Application Data\ezpinst.exe
2006-08-17 15:22 47,360 ----a-w C:\Documents and Settings\Administrateur\Application Data\pcouffin.sys
2004-08-04 03:54 37,901 --sha-w C:\WINDOWS\BricoPacks\SysFiles\68_iexplore.exe
2004-08-11 19:49 73,728 --sha-w C:\WINDOWS\BricoPacks\SysFiles\71_wmplayer.exe
2004-08-04 03:54 37,901 --sha-w C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\68_iexplore.exe
2004-08-04 03:55 73,728 --sha-w C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.

------- Sigcheck -------

2005-04-15 23:44 578048 c34920eb988ce98910bd6b0417f334eb C:\WINDOWS\system32\user32.dll

2006-02-02 23:10 359040 c81d6a930a7805f6daa0c7902b99037e C:\WINDOWS\system32\drivers\TCPIP.SYS

2005-04-15 23:45 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\system32\ntkrnlpa.exe

2005-04-15 23:40 2321408 209f3a54eedb976282da5e183c17388d C:\WINDOWS\system32\ntoskrnl.exe

2004-10-14 02:38 1884672 008dc00ef81021e25be863a1412fed8d C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:54 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-16 11:47 579584]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [BU]
"awotlwda"="C:\WINDOWS\system32\uixzusll.exe" [BU]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 15:49 7286784]
"KAVPersonal50"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" [BU]
"OPTENET_GUI"="C:\PROGRA~1\CONTRO~1\bin\optgui.exe" [2006-12-20 11:14 404536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 05:55 110592 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 05:54 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-27 11:46 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)
"ClearDocsOnExit"= 64 (0x40)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)
"ClearDocsOnExit"= 64 (0x40)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"anatolian"= {b28b396b-b9e8-44f5-aa04-ed4f383d79ad} - C:\WINDOWS\system32\yosdjh.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^iWin Desktop Alerts.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\iWin Desktop Alerts.lnk
backup=C:\WINDOWS\pss\iWin Desktop Alerts.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Y'z ToolBar.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Y'z ToolBar.lnk
backup=C:\WINDOWS\pss\Y'z ToolBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kaspersky Anti-Hacker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kaspersky Anti-Hacker.lnk
backup=C:\WINDOWS\pss\Kaspersky Anti-Hacker.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 05:54 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
C:\Program Files\IncrediMail\bin\IncMail.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiddyWeb]
D:\Program Files\KiddyWeb\KiddyWeb.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemDoctor 2006 Free]
C:\Program Files\SystemDoctor 2006 Free\sd2006.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
C:\Program Files\HbTools\Bin\4.7.7.0\HbtWeatherOnTray.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\GestMaj.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"kavsvc"=2 (0x2)
"FTRTSVC"=2 (0x2)
"Boonty Games"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashFXP\\flashfxp.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-22 22:00:00 C:\WINDOWS\Tasks\At1.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-06-06 07:00:00 C:\WINDOWS\Tasks\At10.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-16 01:00:00 C:\WINDOWS\Tasks\At100.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-16 02:00:00 C:\WINDOWS\Tasks\At101.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-16 03:00:00 C:\WINDOWS\Tasks\At102.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-16 04:00:00 C:\WINDOWS\Tasks\At103.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-01-06 06:00:00 C:\WINDOWS\Tasks\At104.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-01-06 07:00:00 C:\WINDOWS\Tasks\At105.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-06-06 07:00:00 C:\WINDOWS\Tasks\At106.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-10 08:00:00 C:\WINDOWS\Tasks\At107.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-10 09:00:00 C:\WINDOWS\Tasks\At108.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 10:00:00 C:\WINDOWS\Tasks\At109.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-10 08:00:00 C:\WINDOWS\Tasks\At11.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 11:00:00 C:\WINDOWS\Tasks\At110.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 12:00:00 C:\WINDOWS\Tasks\At111.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 13:00:00 C:\WINDOWS\Tasks\At112.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 14:00:00 C:\WINDOWS\Tasks\At113.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 15:00:01 C:\WINDOWS\Tasks\At114.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 16:00:00 C:\WINDOWS\Tasks\At115.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 17:00:00 C:\WINDOWS\Tasks\At116.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 18:00:00 C:\WINDOWS\Tasks\At117.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 19:00:00 C:\WINDOWS\Tasks\At118.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 20:00:00 C:\WINDOWS\Tasks\At119.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-10 09:00:00 C:\WINDOWS\Tasks\At12.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 21:00:00 C:\WINDOWS\Tasks\At120.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 10:00:00 C:\WINDOWS\Tasks\At13.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 11:00:00 C:\WINDOWS\Tasks\At14.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 12:00:00 C:\WINDOWS\Tasks\At15.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 13:00:00 C:\WINDOWS\Tasks\At16.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 14:00:00 C:\WINDOWS\Tasks\At17.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 15:00:01 C:\WINDOWS\Tasks\At18.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 16:00:00 C:\WINDOWS\Tasks\At19.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 23:00:00 C:\WINDOWS\Tasks\At2.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 17:00:00 C:\WINDOWS\Tasks\At20.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 18:00:00 C:\WINDOWS\Tasks\At21.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 19:00:00 C:\WINDOWS\Tasks\At22.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 20:00:00 C:\WINDOWS\Tasks\At23.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 21:00:00 C:\WINDOWS\Tasks\At24.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 22:00:00 C:\WINDOWS\Tasks\At25.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 23:00:00 C:\WINDOWS\Tasks\At26.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 00:00:00 C:\WINDOWS\Tasks\At27.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-16 01:00:00 C:\WINDOWS\Tasks\At28.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-16 02:00:00 C:\WINDOWS\Tasks\At29.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 00:00:00 C:\WINDOWS\Tasks\At3.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-16 03:00:00 C:\WINDOWS\Tasks\At30.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-16 04:00:00 C:\WINDOWS\Tasks\At31.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-01-06 06:00:00 C:\WINDOWS\Tasks\At32.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-01-06 07:00:00 C:\WINDOWS\Tasks\At33.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-06-06 07:00:00 C:\WINDOWS\Tasks\At34.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-10 08:00:00 C:\WINDOWS\Tasks\At35.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-10 09:00:00 C:\WINDOWS\Tasks\At36.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 10:00:00 C:\WINDOWS\Tasks\At37.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 11:00:00 C:\WINDOWS\Tasks\At38.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 12:00:00 C:\WINDOWS\Tasks\At39.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-16 01:00:00 C:\WINDOWS\Tasks\At4.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 13:00:00 C:\WINDOWS\Tasks\At40.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 14:00:00 C:\WINDOWS\Tasks\At41.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 15:00:01 C:\WINDOWS\Tasks\At42.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 16:00:00 C:\WINDOWS\Tasks\At43.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 17:00:00 C:\WINDOWS\Tasks\At44.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 18:00:00 C:\WINDOWS\Tasks\At45.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 19:00:00 C:\WINDOWS\Tasks\At46.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 20:00:00 C:\WINDOWS\Tasks\At47.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 21:00:00 C:\WINDOWS\Tasks\At48.job"
- C:\WINDOWS\system32\PTDq346B.exe
"2008-07-22 22:00:00 C:\WINDOWS\Tasks\At49.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 02:00:00 C:\WINDOWS\Tasks\At5.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 23:00:00 C:\WINDOWS\Tasks\At50.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 00:00:00 C:\WINDOWS\Tasks\At51.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 01:00:00 C:\WINDOWS\Tasks\At52.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 02:00:00 C:\WINDOWS\Tasks\At53.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 03:00:00 C:\WINDOWS\Tasks\At54.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 04:00:00 C:\WINDOWS\Tasks\At55.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-01-06 06:00:00 C:\WINDOWS\Tasks\At56.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-01-06 07:00:00 C:\WINDOWS\Tasks\At57.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-06-06 07:00:00 C:\WINDOWS\Tasks\At58.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-10 08:00:00 C:\WINDOWS\Tasks\At59.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 03:00:00 C:\WINDOWS\Tasks\At6.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-10 09:00:00 C:\WINDOWS\Tasks\At60.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 10:00:00 C:\WINDOWS\Tasks\At61.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 11:00:00 C:\WINDOWS\Tasks\At62.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 12:00:00 C:\WINDOWS\Tasks\At63.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 13:00:00 C:\WINDOWS\Tasks\At64.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 14:00:00 C:\WINDOWS\Tasks\At65.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 15:00:01 C:\WINDOWS\Tasks\At66.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 16:00:00 C:\WINDOWS\Tasks\At67.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 17:00:00 C:\WINDOWS\Tasks\At68.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 18:00:00 C:\WINDOWS\Tasks\At69.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-16 04:00:00 C:\WINDOWS\Tasks\At7.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 19:00:00 C:\WINDOWS\Tasks\At70.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 20:00:00 C:\WINDOWS\Tasks\At71.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 21:00:00 C:\WINDOWS\Tasks\At72.job"
- C:\WINDOWS\system32\AFM7UnnU.exe
"2008-07-22 22:00:00 C:\WINDOWS\Tasks\At73.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 23:00:00 C:\WINDOWS\Tasks\At74.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 00:00:00 C:\WINDOWS\Tasks\At75.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-16 01:00:00 C:\WINDOWS\Tasks\At76.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-16 02:00:00 C:\WINDOWS\Tasks\At77.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-16 03:00:00 C:\WINDOWS\Tasks\At78.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-16 04:00:00 C:\WINDOWS\Tasks\At79.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-01-06 06:00:00 C:\WINDOWS\Tasks\At8.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-01-06 06:00:00 C:\WINDOWS\Tasks\At80.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-01-06 07:00:00 C:\WINDOWS\Tasks\At81.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-06-06 07:00:00 C:\WINDOWS\Tasks\At82.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-10 08:00:00 C:\WINDOWS\Tasks\At83.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-10 09:00:00 C:\WINDOWS\Tasks\At84.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 10:00:00 C:\WINDOWS\Tasks\At85.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 11:00:00 C:\WINDOWS\Tasks\At86.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 12:00:00 C:\WINDOWS\Tasks\At87.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 13:00:00 C:\WINDOWS\Tasks\At88.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 14:00:00 C:\WINDOWS\Tasks\At89.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-01-06 07:00:00 C:\WINDOWS\Tasks\At9.job"
- C:\WINDOWS\system32\2vdaQ1f2.exe
"2008-07-22 15:00:02 C:\WINDOWS\Tasks\At90.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 16:00:00 C:\WINDOWS\Tasks\At91.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 17:00:00 C:\WINDOWS\Tasks\At92.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 18:00:00 C:\WINDOWS\Tasks\At93.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 19:00:00 C:\WINDOWS\Tasks\At94.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 20:00:00 C:\WINDOWS\Tasks\At95.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 21:00:00 C:\WINDOWS\Tasks\At96.job"
- C:\WINDOWS\system32\33Po60j5.exe
"2008-07-22 22:00:00 C:\WINDOWS\Tasks\At97.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 23:00:00 C:\WINDOWS\Tasks\At98.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 00:00:00 C:\WINDOWS\Tasks\At99.job"
- C:\WINDOWS\system32\p3EmTtg8.exe
"2008-07-22 23:44:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:35, on 2008-07-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Mon dossier\loisirs\cuisine\pain\Nouveau dossier (3)\Nouveau dossier\SecondLife\SecondLife.exe
D:\Documents and Settings\Mon dossier\loisirs\cuisine\pain\Nouveau dossier (3)\Nouveau dossier\SecondLife\SLVoice.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Documents and Settings\dossier de valerie\Nouveau dossier (2)\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [awotlwda] C:\WINDOWS\system32\uixzusll.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [SecureWeb] C:\WINDOWS\system32\PTDq346B.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [hztmgyzl] c:\documents and settings\administrateur\local settings\application data\hztmgyzl.exe hztmgyzl
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1409082233-1177238915-839522115-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fda54e2d9c52427f839941fe621f54b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fda54e2d9c52427f839941fe621f54b0
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CT id=e codeBase=http://www.www2.p0rt2.com/files/epl34bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} -
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O21 - SSODL: anatolian - {b28b396b-b9e8-44f5-aa04-ed4f383d79ad} - C:\WINDOWS\system32\yosdjh.dll (file missing)
O22 - SharedTaskScheduler: {b28b396b-b9e8-44f5-aa04-ed4f383d79ad} - anatolian - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
0
Réponse 30 / 51
Utilisateur anonyme
 
tu peux m envoyer les rapport dans l amessagerie privé si tu veux
0
Réponse 31 / 51
Utilisateur anonyme
 
tu n y arrives pas ??

0
Réponse 32 / 51
lena91 Messages postés 27 Statut Membre
 
J'ai des soucis on dirai que je n'arrive pas a poster tout mes messages meme en privé mais le rapport de Combofix.txt et Hijackthis c'est finalement posté un peu plus en haut
0
Réponse 33 / 51
Utilisateur anonyme
 
réouvre hijackthis
fais scan only
coches ces lignes :

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - D:\Documents and Settings\dossier de valerie\Nouveau dossier (2)\eoRezo\EoAdv\EoRezoBHO.dll (file missing)

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-1409082233-1177238915-839522115-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSn­iff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/­cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.­cab56907.cab
O16 - DPF: {CT id=e codeBase=http://www.www2.p0rt2.com/files/epl34bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} -
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O21 - SSODL: anatolian - {b28b396b-b9e8-44f5-aa04-ed4f383d79ad} - C:\WINDOWS\system32\yosdjh.dll (file missing)

tu les coches et tu clic sur fix checked

ensuite :

télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm

0
Réponse 34 / 51
lena91 Messages postés 27 Statut Membre
 
ca me marque des fichiers necessaires au fonctionnement de windows ont été remplacés par des fichiers d'une version non reconnue pour maintenir la stabilité du systeme windowq doit restaurer la version originale de ces fichiers
0
Réponse 35 / 51
Utilisateur anonyme
 
tu veux dire lop S&D ne marche pas

essai celui ci :

Télécharge ceci: (by Moe) :
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.
0
Réponse 36 / 51
lena91 Messages postés 27 Statut Membre
 
non c'est qu'apparement en fesant fix checked ça m'a changé des donnees
0
Réponse 37 / 51
Utilisateur anonyme
 
ok c est un avertissement en fait n en tiens pas compte y a pas de soucis tu peux faite lop S&D et poster le rapport

0
Réponse 38 / 51
lena91 Messages postés 27 Statut Membre
 
ça donne ceci --------------------\\ Lop S&D 4.2.2-3 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Administrateur ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 2008-07-23 | 4:31:40.10 ] [ PC : URANIUMOFCOURSE ]
[ MAJ : 22-07-2008 | 17:35 ]

--------------------\\ Listing des dossiers dans Application Data

[2008-06-08|10:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\123 Free Solitaire
[2007-06-06|00:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\ABBYY
[2007-06-17|01:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[2006-02-07|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[2006-08-17|17:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
[2006-02-18|23:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[2006-02-21|20:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft
[2008-07-23|04:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\AVG7
[2007-06-17|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\BSplayer
[2007-06-17|14:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\BSplayer Pro
[2008-07-10|22:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[2006-02-01|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[2008-03-28|11:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[2006-08-26|13:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\EPSON
[2006-08-17|17:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\ezpinst.exe
[2008-03-04|15:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[2008-07-18|15:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[2006-02-07|18:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[2006-04-30|23:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[2008-06-16|16:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield
[2008-05-22|19:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\iWinArcade
[2006-02-01|19:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[2006-02-04|13:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[2008-07-22|21:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[2006-02-03|02:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[2008-02-04|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2007-06-22|10:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Motive
[2007-07-21|21:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[2008-06-21|01:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\MSN6
[2006-08-17|17:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.cat
[2006-08-17|17:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.inf
[2006-08-17|17:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.log
[2006-08-17|17:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.sys
[2008-06-16|17:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\SecondLife
[2008-03-12|12:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Smart Panel
[2008-07-02|17:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\SolSuite
[2006-11-03|15:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Steinberg
[2006-02-01|19:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[2006-02-02|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[2008-04-25|16:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[2006-02-02|22:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinPatrol

[2008-04-25|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2006-02-18|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2007-06-11|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[2008-02-09|03:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[2006-02-04|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[2008-07-10|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[2006-02-01|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2006-02-01|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2007-02-19|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2007-06-13|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-08-23|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[2008-05-22|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin Games
[2008-07-22|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2006-02-02|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2007-06-22|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[2007-06-08|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[2007-07-21|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[2006-02-03|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2008-02-07|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2007-07-08|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2008-02-22|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-02-16|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
[2008-07-02|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TreeCardGames
[2007-11-04|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-11-22|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2008-04-29|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2006-09-29|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zabersoft

[2006-02-01|19:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2006-02-01|18:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2006-08-23|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[2006-08-23|18:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2006-08-23|18:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-07-23 03:44][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[2008-07-22 23:00][--a------] C:\WINDOWS\tasks\At120.job
[2008-07-22 22:00][--a------] C:\WINDOWS\tasks\At119.job
[2008-07-22 20:00][--a------] C:\WINDOWS\tasks\At117.job
[2008-07-22 21:00][--a------] C:\WINDOWS\tasks\At118.job
[2008-07-22 19:00][--a------] C:\WINDOWS\tasks\At116.job
[2008-07-22 18:00][--a------] C:\WINDOWS\tasks\At115.job
[2008-07-22 17:00][--a------] C:\WINDOWS\tasks\At114.job
[2008-07-22 16:00][--a------] C:\WINDOWS\tasks\At113.job
[2008-07-22 15:00][--a------] C:\WINDOWS\tasks\At112.job
[2008-07-22 14:00][--a------] C:\WINDOWS\tasks\At111.job
[2008-07-22 13:00][--a------] C:\WINDOWS\tasks\At110.job
[2008-07-22 12:00][--a------] C:\WINDOWS\tasks\At109.job
[2008-07-10 11:00][--a------] C:\WINDOWS\tasks\At108.job
[2008-06-06 09:00][--a------] C:\WINDOWS\tasks\At106.job
[2008-07-10 10:00][--a------] C:\WINDOWS\tasks\At107.job
[2008-01-06 09:00][--a------] C:\WINDOWS\tasks\At105.job
[2008-01-06 08:00][--a------] C:\WINDOWS\tasks\At104.job
[2008-07-16 06:00][--a------] C:\WINDOWS\tasks\At103.job
[2008-07-16 05:00][--a------] C:\WINDOWS\tasks\At102.job
[2008-07-23 04:00][--a------] C:\WINDOWS\tasks\At101.job
[2008-07-23 03:00][--a------] C:\WINDOWS\tasks\At100.job
[2008-07-23 01:00][--a------] C:\WINDOWS\tasks\At98.job
[2008-07-23 02:00][--a------] C:\WINDOWS\tasks\At99.job
[2008-07-23 00:00][--a------] C:\WINDOWS\tasks\At97.job
[2008-07-22 23:00][--a------] C:\WINDOWS\tasks\At96.job
[2008-07-22 22:00][--a------] C:\WINDOWS\tasks\At95.job
[2008-07-22 21:00][--a------] C:\WINDOWS\tasks\At94.job
[2008-07-22 19:00][--a------] C:\WINDOWS\tasks\At92.job
[2008-07-22 20:00][--a------] C:\WINDOWS\tasks\At93.job
[2008-07-22 18:00][--a------] C:\WINDOWS\tasks\At91.job
[2008-07-22 17:00][--a------] C:\WINDOWS\tasks\At90.job
[2008-07-22 16:00][--a------] C:\WINDOWS\tasks\At89.job
[2008-07-22 14:00][--a------] C:\WINDOWS\tasks\At87.job
[2008-07-22 15:00][--a------] C:\WINDOWS\tasks\At88.job
[2008-07-22 13:00][--a------] C:\WINDOWS\tasks\At86.job
[2008-07-10 11:00][--a------] C:\WINDOWS\tasks\At84.job
[2008-07-22 12:00][--a------] C:\WINDOWS\tasks\At85.job
[2008-07-10 10:00][--a------] C:\WINDOWS\tasks\At83.job
[2008-06-06 09:00][--a------] C:\WINDOWS\tasks\At82.job
[2008-01-06 09:00][--a------] C:\WINDOWS\tasks\At81.job
[2008-01-06 08:00][--a------] C:\WINDOWS\tasks\At80.job
[2008-07-16 05:00][--a------] C:\WINDOWS\tasks\At78.job
[2008-07-16 06:00][--a------] C:\WINDOWS\tasks\At79.job
[2008-07-23 04:00][--a------] C:\WINDOWS\tasks\At77.job
[2008-07-23 02:00][--a------] C:\WINDOWS\tasks\At75.job
[2008-07-23 03:00][--a------] C:\WINDOWS\tasks\At76.job
[2008-07-23 01:00][--a------] C:\WINDOWS\tasks\At74.job
[2008-07-23 00:00][--a------] C:\WINDOWS\tasks\At73.job
[2008-07-22 23:00][--a------] C:\WINDOWS\tasks\At72.job
[2008-07-22 22:00][--a------] C:\WINDOWS\tasks\At71.job
[2008-07-22 21:00][--a------] C:\WINDOWS\tasks\At70.job
[2008-07-22 20:00][--a------] C:\WINDOWS\tasks\At69.job
[2008-07-22 18:00][--a------] C:\WINDOWS\tasks\At67.job
[2008-07-22 19:00][--a------] C:\WINDOWS\tasks\At68.job
[2008-07-22 17:00][--a------] C:\WINDOWS\tasks\At66.job
[2008-07-22 16:00][--a------] C:\WINDOWS\tasks\At65.job
[2008-07-22 15:00][--a------] C:\WINDOWS\tasks\At64.job
[2008-07-22 14:00][--a------] C:\WINDOWS\tasks\At63.job
[2008-07-22 13:00][--a------] C:\WINDOWS\tasks\At62.job
[2008-07-22 12:00][--a------] C:\WINDOWS\tasks\At61.job
[2008-07-10 11:00][--a------] C:\WINDOWS\tasks\At60.job
[2008-07-10 10:00][--a------] C:\WINDOWS\tasks\At59.job
[2008-06-06 09:00][--a------] C:\WINDOWS\tasks\At58.job
[2008-01-06 09:00][--a------] C:\WINDOWS\tasks\At57.job
[2008-01-06 08:00][--a------] C:\WINDOWS\tasks\At56.job
[2008-07-16 06:00][--a------] C:\WINDOWS\tasks\At55.job
[2008-07-16 05:00][--a------] C:\WINDOWS\tasks\At54.job
[2008-07-23 04:00][--a------] C:\WINDOWS\tasks\At53.job
[2008-07-23 03:00][--a------] C:\WINDOWS\tasks\At52.job
[2008-07-23 02:00][--a------] C:\WINDOWS\tasks\At51.job
[2008-07-23 01:00][--a------] C:\WINDOWS\tasks\At50.job
[2008-07-23 00:00][--a------] C:\WINDOWS\tasks\At49.job
[2008-07-22 23:00][--a------] C:\WINDOWS\tasks\At48.job
[2008-07-22 22:00][--a------] C:\WINDOWS\tasks\At47.job
[2008-07-22 21:00][--a------] C:\WINDOWS\tasks\At46.job
[2008-07-22 20:00][--a------] C:\WINDOWS\tasks\At45.job
[2008-07-22 19:00][--a------] C:\WINDOWS\tasks\At44.job
[2008-07-22 18:00][--a------] C:\WINDOWS\tasks\At43.job
[2008-07-22 17:00][--a------] C:\WINDOWS\tasks\At42.job
[2008-07-22 16:00][--a------] C:\WINDOWS\tasks\At41.job
[2008-07-22 15:00][--a------] C:\WINDOWS\tasks\At40.job
[2008-07-22 14:00][--a------] C:\WINDOWS\tasks\At39.job
[2008-07-22 13:00][--a------] C:\WINDOWS\tasks\At38.job
[2008-07-22 12:00][--a------] C:\WINDOWS\tasks\At37.job
[2008-07-10 11:00][--a------] C:\WINDOWS\tasks\At36.job
[2008-07-10 10:00][--a------] C:\WINDOWS\tasks\At35.job
[2008-06-06 09:00][--a------] C:\WINDOWS\tasks\At34.job
[2008-01-06 09:00][--a------] C:\WINDOWS\tasks\At33.job
[2008-01-06 08:00][--a------] C:\WINDOWS\tasks\At32.job
[2008-07-16 06:00][--a------] C:\WINDOWS\tasks\At31.job
[2008-07-16 05:00][--a------] C:\WINDOWS\tasks\At30.job
[2008-07-23 04:00][--a------] C:\WINDOWS\tasks\At29.job
[2008-07-23 03:00][--a------] C:\WINDOWS\tasks\At28.job
[2008-07-23 02:00][--a------] C:\WINDOWS\tasks\At27.job
[2008-07-23 01:00][--a------] C:\WINDOWS\tasks\At26.job
[2008-07-23 00:00][--a------] C:\WINDOWS\tasks\At25.job
[2008-07-22 23:00][--a------] C:\WINDOWS\tasks\At24.job
[2008-07-22 22:00][--a------] C:\WINDOWS\tasks\At23.job
[2008-07-22 21:00][--a------] C:\WINDOWS\tasks\At22.job
[2008-07-22 20:00][--a------] C:\WINDOWS\tasks\At21.job
[2008-07-22 19:00][--a------] C:\WINDOWS\tasks\At20.job
[2008-07-22 18:00][--a------] C:\WINDOWS\tasks\At19.job
[2008-07-22 17:00][--a------] C:\WINDOWS\tasks\At18.job
[2008-07-22 16:00][--a------] C:\WINDOWS\tasks\At17.job
[2008-07-22 15:00][--a------] C:\WINDOWS\tasks\At16.job
[2008-07-22 13:00][--a------] C:\WINDOWS\tasks\At14.job
[2008-07-22 14:00][--a------] C:\WINDOWS\tasks\At15.job
[2008-07-22 12:00][--a------] C:\WINDOWS\tasks\At13.job
[2008-07-10 11:00][--a------] C:\WINDOWS\tasks\At12.job
[2008-07-10 10:00][--a------] C:\WINDOWS\tasks\At11.job
[2008-06-06 09:00][--a------] C:\WINDOWS\tasks\At10.job
[2008-01-06 08:00][--a------] C:\WINDOWS\tasks\At8.job
[2008-01-06 09:00][--a------] C:\WINDOWS\tasks\At9.job
[2008-07-16 06:00][--a------] C:\WINDOWS\tasks\At7.job
[2008-07-16 05:00][--a------] C:\WINDOWS\tasks\At6.job
[2008-07-23 04:00][--a------] C:\WINDOWS\tasks\At5.job
[2008-07-23 03:00][--a------] C:\WINDOWS\tasks\At4.job
[2008-07-23 02:00][--a------] C:\WINDOWS\tasks\At3.job
[2008-07-23 01:00][--a------] C:\WINDOWS\tasks\At2.job
[2008-07-23 00:00][--a------] C:\WINDOWS\tasks\At1.job
[2008-07-23 01:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-08-24 19:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2007-06-07|12:53] C:\Program Files\ABBYY
[2008-04-25|20:50] C:\Program Files\Adobe
[2006-02-01|18:59] C:\Program Files\Ahead
[2007-06-07|12:57] C:\Program Files\ArcSoft
[2006-02-02|22:49] C:\Program Files\BillP Studios
[2007-07-15|19:59] C:\Program Files\BitComet
[2006-03-06|19:24] C:\Program Files\BitComet Toolbar
[2007-06-08|10:50] C:\Program Files\BroadJump
[2007-09-02|21:22] C:\Program Files\Club-Internet
[2007-06-08|10:54] C:\Program Files\Common Files
[2008-06-23|19:17] C:\Program Files\Controle Parental
[2006-11-10|19:38] C:\Program Files\directx
[2007-07-21|21:39] C:\Program Files\DivX
[2006-06-30|18:09] C:\Program Files\DVD Shrink
[2007-06-07|13:00] C:\Program Files\EPSON
[2008-07-23|01:40] C:\Program Files\Fichiers communs
[2006-02-04|00:20] C:\Program Files\FlashFXP
[2008-06-29|19:40] C:\Program Files\GIMP-2.0
[2008-05-31|04:44] C:\Program Files\Google
[2006-08-23|18:00] C:\Program Files\Grisoft
[2008-03-07|14:37] C:\Program Files\HTML Direct
[2008-02-04|09:51] C:\Program Files\IncrediMail
[2008-06-23|19:17] C:\Program Files\InstallShield Installation Information
[2008-07-18|15:00] C:\Program Files\Internet Explorer
[2006-02-01|19:04] C:\Program Files\Java
[2006-02-01|19:02] C:\Program Files\Kaspersky Lab
[2006-02-01|19:06] C:\Program Files\Lavasoft
[2008-06-25|17:03] C:\Program Files\Macallan Applications
[2008-07-22|21:03] C:\Program Files\Malwarebytes' Anti-Malware
[2008-02-15|20:35] C:\Program Files\Messenger
[2008-07-22|22:51] C:\Program Files\microsoft frontpage
[2008-04-29|15:09] C:\Program Files\Microsoft SQL Server Compact Edition
[2007-06-08|10:54] C:\Program Files\Motive
[2006-02-01|18:52] C:\Program Files\Movie Maker
[2008-07-23|01:49] C:\Program Files\Mozilla Firefox
[2008-07-13|18:51] C:\Program Files\Mozilla Sunbird
[2008-04-29|15:12] C:\Program Files\MSN
[2008-07-22|22:51] C:\Program Files\msn gaming zone
[2006-02-01|18:53] C:\Program Files\NetMeeting
[2006-02-01|19:06] C:\Program Files\OO Software
[2007-06-23|09:52] C:\Program Files\Outlook Express
[2006-08-21|19:59] C:\Program Files\QuickTime
[2008-06-16|16:05] C:\Program Files\SAGEM
[2006-02-01|19:06] C:\Program Files\Satsuki Decoder Pack
[2008-06-16|16:04] C:\Program Files\Securitoo
[2006-02-01|18:53] C:\Program Files\Services en ligne
[2007-06-21|17:34] C:\Program Files\SlySoft
[2007-06-07|12:57] C:\Program Files\Smart Panel
[2008-07-02|16:52] C:\Program Files\SolSuite
[2006-02-01|19:02] C:\Program Files\SuperCopier
[2008-07-22|18:26] C:\Program Files\Trend Micro
[2007-02-16|11:00] C:\Program Files\Uninstall Information
[2008-02-11|01:27] C:\Program Files\VideoLAN
[2007-06-21|17:18] C:\Program Files\vso
[2007-05-16|10:56] C:\Program Files\Wanadoo
[2007-06-17|14:25] C:\Program Files\Webteh
[2008-05-03|02:25] C:\Program Files\Windows Live
[2007-11-22|10:09] C:\Program Files\Windows Live Safety Center
[2007-11-22|10:09] C:\Program Files\Windows Live Toolbar
[2006-02-01|19:04] C:\Program Files\Windows Media Player
[2006-02-01|18:50] C:\Program Files\Windows NT
[2006-02-01|18:53] C:\Program Files\WindowsUpdate
[2007-07-02|10:48] C:\Program Files\WinRAR
[2008-07-22|22:51] C:\Program Files\xerox
[2006-02-03|00:42] C:\Program Files\Zhongxing

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2008-04-25|20:50] C:\Program Files\Fichiers communs\Adobe
[2006-02-01|18:59] C:\Program Files\Fichiers communs\Ahead
[2008-07-10|22:58] C:\Program Files\Fichiers communs\Corel
[2006-11-10|19:35] C:\Program Files\Fichiers communs\InstallShield
[2006-02-01|19:04] C:\Program Files\Fichiers communs\Java
[2006-08-15|12:25] C:\Program Files\Fichiers communs\Kaspersky Lab
[2006-03-01|23:10] C:\Program Files\Fichiers communs\Micro Application Shared
[2008-04-29|15:06] C:\Program Files\Fichiers communs\Microsoft Shared
[2007-06-08|10:54] C:\Program Files\Fichiers communs\Motive
[2006-02-01|18:52] C:\Program Files\Fichiers communs\MSSoap
[2006-02-01|19:46] C:\Program Files\Fichiers communs\ODBC
[2007-06-07|12:57] C:\Program Files\Fichiers communs\Python
[2006-08-15|12:25] C:\Program Files\Fichiers communs\Services
[2006-02-01|19:46] C:\Program Files\Fichiers communs\SpeechEngines
[2006-02-01|18:52] C:\Program Files\Fichiers communs\System
[2006-09-30|05:30] C:\Program Files\Fichiers communs\Vbox
[2008-04-29|15:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 32 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 04:33:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2701

--------------------\\ Recherche d'autres infections

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hztmgyzl"="c:\\documents and settings\\administrateur\\local settings\\application data\\hztmgyzl.exe hztmgyzl"

[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At73.job
C:\WINDOWS\Tasks\At74.job
C:\WINDOWS\Tasks\At75.job
C:\WINDOWS\Tasks\At76.job
C:\WINDOWS\Tasks\At77.job
C:\WINDOWS\Tasks\At78.job
C:\WINDOWS\Tasks\At79.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At80.job
C:\WINDOWS\Tasks\At81.job
C:\WINDOWS\Tasks\At82.job
C:\WINDOWS\Tasks\At83.job
C:\WINDOWS\Tasks\At84.job
C:\WINDOWS\Tasks\At85.job
C:\WINDOWS\Tasks\At86.job
C:\WINDOWS\Tasks\At87.job
C:\WINDOWS\Tasks\At88.job
C:\WINDOWS\Tasks\At89.job
C:\WINDOWS\Tasks\At9.job
C:\WINDOWS\Tasks\At90.job
C:\WINDOWS\Tasks\At91.job
C:\WINDOWS\Tasks\At92.job
C:\WINDOWS\Tasks\At93.job
C:\WINDOWS\Tasks\At94.job
C:\WINDOWS\Tasks\At95.job
C:\WINDOWS\Tasks\At96.job
C:\WINDOWS\Tasks\At97.job
C:\WINDOWS\Tasks\At98.job
C:\WINDOWS\Tasks\At99.job

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\ADMINI~1\Favoris\tel\OEM TOP - CRACKS SERIALS KEYGENS ISO APP XXX VIDEO.url

[F:1][D:1]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:23][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:2][D:0]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 4:34:54.81
0
Réponse 39 / 51
Utilisateur anonyme
 
ok voila ce que je te propose

on va arreter la et reprendre demain car j ai besoin d un avis extérieur

en attendant fais ceci :

Fix.reg

Ouvre le bloc-notes (click droit sur le bureau > dans l´arborescence choisie nouveau et nouveau fichier texte) et fais un copier coller de ce qui est en citation ci-dessous (copie tout d'un trait-sans les barres(x)) :

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion­\Run]
"hztmgyzl"=-

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note : Regedit4 est sur la premiere ligne dans le bloc note et il y a une ligne blanche a la fin.
Puis click sur "fichier"/"enregistrer sous" :
dans : sur le bureau
Nom du fichier : fix.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

ca doit ressembler a ca une fois enrregistré :

http://img520.imageshack.us/img520/4251/screenshot005ps2.png

double clique sur fix.reg => tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"
0
Réponse 40 / 51
lena91 Messages postés 27 Statut Membre
 
mon Ad-Watch ne se met plus dans la barre de tache en bas a droite et j'ai l'impression que mon écran deconne
0

Discussions similaires

Télé qui s'allume toute seule à 3h du marin
TheDarkNether -
MPMP10 -

14 réponses
TV s'allume toute seule la nuit
Yasuka -
anonyne -

6 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses
Problème Philips 42PFL3605H/12
PETERH1979 -
Mouss -

13 réponses
J'allume ma télé puis elle s'éteint toute seule
jc-hem -
Andy31200 -

18 réponses