A Trojan horse
Solved/Closed
sylvie81 (Member) - 26 August 2008 at 17:50
4 replies
jlpjlp (Security contributor) - 26 August 2008 at 17:55
Hi,
Install Malwarebytes and paste the report here after a full scan:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_______
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
jlpjlp (Security contributor) - 27 August 2008 at 18:53
Remove everything Malwarebytes found, then post a new HijackThis log and tell us what problems you have now.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:17:08, on 27/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebReg.servlets.ProdReg1Servlet?appID=java_wreg_wreg_genpg&prodOS=011&gwCountry=FR&language=FR&PURCH_DT_MONTH=03&PURCH_DT_DAY=30&PURCH_DT_YEAR=2004&PROD_SERIAL_ID=CZB4081G3R&modelID=DW121A&LF=blue
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: adssite - {21fd0b23-527d-0da7-4bf1-f33dfc5f2dd0} - C:\WINDOWS\system32\nsi23C.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\EoAdv\EoRezoBHO.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - (no file)
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: HIPS Event Manager (UmxAgent) - Unknown owner - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe (file missing)
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - Unknown owner - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe (file missing)
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - Unknown owner - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe (file missing)
O23 - Service: HIPS Policy Manager (UmxPol) - Unknown owner - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe (file missing)
O24 - Desktop Component 0: (no name) - http://pics.centerblog.net/pic/pourleplaisir72/zdhqdnj0.jpg
jlpjlp (Security contributor) - 28 August 2008 at 10:15
Download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the Desktop.
Disconnect from the Internet and close all your applications.
Disable your protections (antivirus, firewall, the antispyware's real-time guard).
Double-click combofix.exe and follow the instructions.
When it finishes, it will produce a report, C:\ComboFix.txt.
Re-enable your firewall, your antivirus and your antispyware's guard.
Copy/paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or keyboard (or any other pointing device) while the program is running. That could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Hi,
After a few days of rest, I am sending you the ComboFix report.
What should I do?
I look forward to hearing from you.
ComboFix 08-08-27.05 - Propriétaire 2008-09-07 14:55:15.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.335 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.
- FONCTIONNALITES REDUITES -
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\install provider
C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\dao350.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-07 to 2008-09-07 ))))))))))))))))))))))))))))))))))))
.
2008-09-04 13:24 . 2008-09-04 13:24 350,208 --a------ C:\WINDOWS\system32\nsn27.dll
2008-09-01 16:31 . 2008-09-01 16:31 <REP> d-------- C:\Documents and Settings\Propriétaire\.gimp-2.4
2008-09-01 16:31 . 2008-09-01 16:31 <REP> d-------- C:\Documents and Settings\Propriétaire\.gimp-2.4
2008-08-27 13:10 . 2008-08-27 13:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2008-08-27 13:09 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-27 13:09 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 13:08 . 2008-08-27 13:09 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 13:08 . 2008-08-27 13:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-25 20:40 . 2008-08-25 20:40 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-25 17:07 . 2008-09-06 08:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-25 17:07 . 2008-08-25 17:07 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-25 15:41 . 2008-08-25 15:41 <REP> d-------- C:\WINDOWS\l2schemas
2008-08-23 18:23 . 2008-04-14 04:33 483,840 --a------ C:\WINDOWS\system32\SET122.tmp
2008-08-23 18:23 . 2008-04-14 04:33 52,736 --a------ C:\WINDOWS\system32\SET123.tmp
2008-08-23 18:23 . 2008-04-14 04:33 25,088 --a------ C:\WINDOWS\system32\SET127.tmp
2008-08-23 18:23 . 2008-04-14 04:33 19,456 --a------ C:\WINDOWS\system32\SET129.tmp
2008-08-23 18:23 . 2008-04-14 04:33 18,432 --a------ C:\WINDOWS\system32\SET125.tmp
2008-08-23 18:23 . 2008-04-14 04:33 6,656 --a------ C:\WINDOWS\system32\SETE6F.tmp
2008-08-23 18:22 . 2008-04-14 04:33 265,216 --a------ C:\WINDOWS\system32\SET134.tmp
2008-08-23 18:22 . 2008-04-14 04:33 82,432 --a------ C:\WINDOWS\system32\SET131.tmp
2008-08-23 18:22 . 2008-04-14 04:33 80,896 --------- C:\WINDOWS\system32\SETE72.tmp
2008-08-23 18:22 . 2008-04-14 04:33 19,968 --a------ C:\WINDOWS\system32\SET130.tmp
2008-08-23 18:22 . 2008-04-14 04:33 14,336 --a------ C:\WINDOWS\system32\SET12C.tmp
2008-08-23 18:20 . 2008-04-14 04:33 734,720 --a------ C:\WINDOWS\system32\SET168.tmp
2008-08-23 18:20 . 2008-04-14 04:33 579,584 --a------ C:\WINDOWS\system32\SET169.tmp
2008-08-23 18:20 . 2008-04-14 04:33 434,176 --a------ C:\WINDOWS\system32\SET162.tmp
2008-08-23 18:20 . 2008-04-14 04:33 430,592 --a------ C:\WINDOWS\system32\SET15C.tmp
2008-08-23 18:20 . 2008-04-14 04:33 406,016 --a------ C:\WINDOWS\system32\SET167.tmp
2008-08-23 18:20 . 2008-04-14 04:33 219,648 --a------ C:\WINDOWS\system32\SET165.tmp
2008-08-23 18:20 . 2008-04-14 04:33 178,176 --a------ C:\WINDOWS\system32\SET15A.tmp
2008-08-23 18:20 . 2008-04-14 04:33 133,632 --a------ C:\WINDOWS\system32\SET170.tmp
2008-08-23 18:20 . 2008-04-14 04:33 18,944 --a------ C:\WINDOWS\system32\SET15E.tmp
2008-08-23 18:20 . 2008-04-14 04:33 16,896 --a------ C:\WINDOWS\system32\SET16B.tmp
2008-08-23 18:18 . 2008-04-13 20:36 2,986,496 --a------ C:\WINDOWS\system32\SETE85.tmp
2008-08-23 18:17 . 2008-04-14 04:33 8,517,632 --a------ C:\WINDOWS\system32\SET1C6.tmp
2008-08-23 18:16 . 2008-04-14 04:33 1,440,768 --a------ C:\WINDOWS\system32\SET20C.tmp
2008-08-23 18:15 . 2008-04-14 04:33 1,287,168 --a------ C:\WINDOWS\system32\SET237.tmp
2008-08-23 18:15 . 2008-04-14 04:33 124,928 --a------ C:\WINDOWS\system32\SET235.tmp
2008-08-23 18:15 . 2008-04-14 04:33 98,816 --a------ C:\WINDOWS\system32\SET219.tmp
2008-08-23 18:15 . 2008-04-14 04:33 84,992 --a------ C:\WINDOWS\system32\SET233.tmp
2008-08-23 18:15 . 2008-04-14 04:33 75,264 --a------ C:\WINDOWS\system32\SET236.tmp
2008-08-23 18:15 . 2008-04-14 04:33 34,304 --a------ C:\WINDOWS\system32\SET215.tmp
2008-08-23 18:15 . 2008-04-14 04:33 27,648 --a------ C:\WINDOWS\system32\SET21D.tmp
2008-08-23 18:15 . 2008-04-14 04:33 26,624 --a------ C:\WINDOWS\system32\SET229.tmp
2008-08-23 18:15 . 2008-04-14 04:33 23,040 --a------ C:\WINDOWS\system32\SET21A.tmp
2008-08-23 18:15 . 2008-04-14 04:33 17,408 --a------ C:\WINDOWS\system32\SET21F.tmp
2008-08-23 18:15 . 2008-04-14 04:33 15,360 --a------ C:\WINDOWS\system32\SET222.tmp
2008-08-23 18:13 . 2008-04-14 04:33 1,719,808 --a------ C:\WINDOWS\system32\SET263.tmp
2008-08-23 18:12 . 2008-04-14 04:33 1,104,896 --a------ C:\WINDOWS\system32\SET27D.tmp
2008-08-23 18:09 . 2008-04-14 04:33 2,843,136 --a------ C:\WINDOWS\system32\SET2A3.tmp
2008-08-23 18:09 . 2008-04-14 04:33 1,007,104 --a------ C:\WINDOWS\system32\SET2A6.tmp
2008-08-23 18:09 . 2008-04-13 17:39 884,736 --a------ C:\WINDOWS\system32\SET29C.tmp
2008-08-23 18:09 . 2008-04-14 04:33 539,136 --a------ C:\WINDOWS\system32\SETEAC.tmp
2008-08-23 18:09 . 2008-04-14 04:33 271,360 --a------ C:\WINDOWS\system32\SET29E.tmp
2008-08-23 18:09 . 2008-04-14 04:33 159,232 --a------ C:\WINDOWS\system32\SET29B.tmp
2008-08-23 18:09 . 2008-04-14 04:34 78,848 --a------ C:\WINDOWS\system32\SET29F.tmp
2008-08-23 18:09 . 2008-04-14 04:33 15,360 --a------ C:\WINDOWS\system32\SET29A.tmp
2008-08-23 18:09 . 2008-04-14 04:33 6,656 --a------ C:\WINDOWS\system32\SET2A1.tmp
2008-08-23 18:09 . 2008-04-14 04:33 4,608 --a------ C:\WINDOWS\system32\SET29D.tmp
2008-08-23 18:07 . 2008-04-14 04:33 1,028,096 --a------ C:\WINDOWS\system32\SET2D8.tmp
2008-08-23 18:07 . 2008-04-14 04:33 120,320 --a------ C:\WINDOWS\system32\SET2DB.tmp
2008-08-23 18:07 . 2008-04-14 04:33 100,352 --a------ C:\WINDOWS\system32\SET2EA.tmp
2008-08-23 18:07 . 2008-04-14 04:33 22,528 --a------ C:\WINDOWS\system32\SET2D7.tmp
2008-08-23 18:07 . 2008-04-14 04:33 19,968 --a------ C:\WINDOWS\system32\SET2EC.tmp
2008-08-23 18:07 . 2008-04-14 04:33 18,944 --a------ C:\WINDOWS\system32\SET2D6.tmp
2008-08-23 18:07 . 2008-04-14 04:34 13,312 --a------ C:\WINDOWS\system32\SET2E3.tmp
2008-08-23 18:06 . 2008-04-14 04:33 4,096 --a------ C:\WINDOWS\system32\SET2F2.tmp
2008-08-23 18:05 . 2008-04-14 04:33 512,000 --a------ C:\WINDOWS\system32\SET2FB.tmp
2008-08-23 18:05 . 2008-04-14 04:34 380,928 --------- C:\WINDOWS\system32\SETEC8.tmp
2008-08-23 18:05 . 2008-04-14 04:33 332,800 --a------ C:\WINDOWS\system32\SET30F.tmp
2008-08-23 18:05 . 2008-04-14 04:33 299,520 --a------ C:\WINDOWS\system32\SET2F7.tmp
2008-08-23 18:05 . 2008-04-14 04:33 185,344 --a------ C:\WINDOWS\system32\SET30B.tmp
2008-08-23 18:05 . 2008-04-14 04:33 95,744 --a------ C:\WINDOWS\system32\SET311.tmp
2008-08-23 18:05 . 2008-04-14 04:34 33,280 --a------ C:\WINDOWS\system32\SET2F5.tmp
2008-08-23 18:05 . 2008-04-14 04:34 17,408 --a------ C:\WINDOWS\system32\SET313.tmp
2008-08-23 18:04 . 2008-04-14 04:33 110,080 --a------ C:\WINDOWS\system32\SET31D.tmp
2008-08-23 18:04 . 2008-04-14 04:33 75,264 --a------ C:\WINDOWS\system32\SET319.tmp
2008-08-23 18:04 . 2008-04-14 04:02 50,688 --a------ C:\WINDOWS\system32\SET317.tmp
2008-08-23 18:04 . 2008-04-14 04:33 32,768 --a------ C:\WINDOWS\system32\SET31A.tmp
2008-08-23 18:04 . 2008-04-14 04:33 11,264 --a------ C:\WINDOWS\system32\SET32E.tmp
2008-08-23 18:04 . 2008-04-14 04:31 3,584 --a------ C:\WINDOWS\system32\SET32B.tmp
2008-08-23 18:03 . 2008-04-14 04:33 614,912 --a------ C:\WINDOWS\system32\SET33C.tmp
2008-08-23 18:03 . 2008-04-14 04:33 563,712 --a------ C:\WINDOWS\system32\SET348.tmp
2008-08-23 18:03 . 2008-04-14 04:33 347,136 --a------ C:\WINDOWS\system32\SET334.tmp
2008-08-23 18:03 . 2008-04-14 04:33 285,184 --a------ C:\WINDOWS\system32\SET341.tmp
2008-08-23 18:03 . 2008-04-14 04:34 266,752 --a------ C:\WINDOWS\system32\SET33D.tmp
2008-08-23 18:03 . 2008-04-14 04:33 66,048 --a------ C:\WINDOWS\system32\SET34D.tmp
2008-08-23 18:03 . 2008-04-14 04:34 30,208 --a------ C:\WINDOWS\system32\SET336.tmp
2008-08-23 18:03 . 2008-04-14 04:33 24,064 --a------ C:\WINDOWS\system32\SET34B.tmp
2008-08-23 18:03 . 2008-04-14 04:33 20,992 --a------ C:\WINDOWS\system32\SET337.tmp
2008-08-23 18:02 . 2008-04-14 04:33 1,097,728 --a------ C:\WINDOWS\system32\SET363.tmp
2008-08-23 18:02 . 2008-04-14 04:34 1,037,824 --a------ C:\WINDOWS\SET445.tmp
2008-08-23 18:02 . 2008-04-14 04:33 451,584 --a------ C:\WINDOWS\system32\SET353.tmp
2008-08-23 18:02 . 2008-04-14 04:33 80,896 --a------ C:\WINDOWS\system32\SET35D.tmp
2008-08-23 18:02 . 2008-04-14 04:33 56,320 --a------ C:\WINDOWS\system32\SET361.tmp
2008-08-23 18:02 . 2008-04-14 04:33 23,040 --a------ C:\WINDOWS\system32\SET365.tmp
2008-08-23 18:02 . 2006-12-28 21:01 19,569 --a------ C:\WINDOWS\[u]0/u05486_.tmp
2008-08-23 18:01 . 2008-04-14 04:33 367,616 --a------ C:\WINDOWS\system32\SET376.tmp
2008-08-23 18:01 . 2008-04-14 04:33 290,816 --a------ C:\WINDOWS\system32\SET3AB.tmp
2008-08-23 18:01 . 2008-04-14 04:33 279,552 --a------ C:\WINDOWS\system32\SET3AF.tmp
2008-08-23 18:01 . 2008-04-13 19:37 138,752 --a------ C:\WINDOWS\system32\SET371.tmp
2008-08-23 18:01 . 2008-04-14 04:33 60,928 --a------ C:\WINDOWS\system32\SET384.tmp
2008-08-23 18:01 . 2008-04-14 04:33 59,904 --a------ C:\WINDOWS\system32\SET3AC.tmp
2008-08-23 18:01 . 2008-04-14 04:33 45,568 --a------ C:\WINDOWS\system32\SET38C.tmp
2008-08-23 18:01 . 2008-04-14 04:33 27,136 --a------ C:\WINDOWS\system32\SET3AE.tmp
2008-08-23 18:01 . 2008-04-14 04:33 14,336 --a------ C:\WINDOWS\system32\SET37C.tmp
2008-08-23 18:01 . 2008-04-14 04:33 8,704 --a------ C:\WINDOWS\system32\SET3B2.tmp
2008-08-23 18:00 . 2008-04-14 04:33 824,320 --a------ C:\WINDOWS\system32\SET3BE.tmp
2008-08-23 18:00 . 2008-04-14 04:33 640,000 --a------ C:\WINDOWS\system32\SET3B7.tmp
2008-08-23 18:00 . 2008-04-14 04:33 25,600 --a------ C:\WINDOWS\system32\SET3BA.tmp
2008-08-23 17:58 . 2008-04-14 04:33 498,688 --a------ C:\WINDOWS\system32\SET3E8.tmp
2008-08-23 17:58 . 2008-04-14 04:33 58,368 --a------ C:\WINDOWS\system32\SET3E2.tmp
2008-08-23 17:56 . 2008-04-14 04:33 125,952 --a------ C:\WINDOWS\system32\SET413.tmp
2008-08-23 17:56 . 2008-04-14 04:33 65,024 --a------ C:\WINDOWS\system32\SET410.tmp
2008-08-23 17:55 . 2008-04-14 04:33 193,536 --a------ C:\WINDOWS\system32\SET41E.tmp
2008-08-23 17:55 . 2008-04-14 04:33 143,360 --a------ C:\WINDOWS\system32\SET41A.tmp
2008-08-23 17:55 . 2008-04-14 04:33 98,304 --a------ C:\WINDOWS\system32\SET41C.tmp
2008-08-22 18:01 . 2008-07-18 22:09 29,896 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-08-22 18:01 . 2008-07-18 22:09 22,216 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-08-13 23:57 . 2008-05-01 16:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-13 23:57 . 2008-06-23 18:28 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-08-13 23:54 . 2008-04-11 21:05 691,712 --------- C:\WINDOWS\system32\SETF9D.tmp
2008-08-12 13:47 . 2008-08-12 13:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Go Go Gourmet
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 12:53 --------- d-----w C:\Program Files\Wanadoo
2008-09-07 08:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k7
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k6
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k5
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k4
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k3
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k2
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k1
2008-09-04 18:30 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k0
2008-09-04 15:06 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-03 14:07 10,866 ----a-w C:\Documents and Settings\Propriétaire\Application Data\wklnhst.dat
2008-09-01 15:09 --------- d-----w C:\Program Files\Gamenext
2008-08-27 19:50 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-19 05:04 --------- d-----w C:\Program Files\Incomplete
2008-08-08 20:39 --------- d-----w C:\Program Files\MioNet
2008-08-01 12:29 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Home Sweet Home
2008-08-01 11:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-07-31 08:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\DivoGames
2008-07-30 09:43 --------- d-----w C:\Program Files\eMule
2008-07-25 14:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Fashion Solitaire 1.2
2008-07-25 12:20 --------- d-----w C:\Program Files\Google
2008-07-25 11:51 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ViquaSoft
2008-07-24 14:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\VirtualFarm
2008-07-24 11:44 --------- d-----w C:\Program Files\Zylom Games
2008-07-23 14:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Big Fish Games
2008-07-23 11:03 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Zylom
2008-07-21 13:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\JollyBear
2008-07-21 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-07-19 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\FreshGames
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-16 11:05 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Nokia Multimedia Player
2008-07-11 10:30 --------- d-----w C:\Program Files\Navilog1
2008-07-10 18:39 --------- d-----w C:\Program Files\CCleaner
2008-07-10 13:47 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\FloodLightGames
2008-07-10 13:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\FloodLightGames
2008-07-10 13:38 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Flood Light Games
2008-07-10 13:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Flood Light Games
2008-07-10 13:37 --------- d-----w C:\Program Files\Fichiers communs\Oberon Media
2008-07-10 12:53 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\PlayFirst
2008-07-10 12:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-07-09 22:05 --------- d-----w C:\Program Files\LimeWire
2008-07-09 16:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-09 16:12 --------- d-----w C:\Program Files\inKline Global
2008-07-08 14:39 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Fuzzy Games
2008-07-08 12:18 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Total Eclipse
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es(3).dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es(2).dll
2008-07-07 20:28 253,952 ------w C:\WINDOWS\system32\SETF98.tmp
2008-07-07 20:19 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-07-07 15:05 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Gamelab
2008-06-24 16:44 74,240 ------w C:\WINDOWS\system32\SETFC5.tmp
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms(3).dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms(2).dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:47 247,808 ------w C:\WINDOWS\system32\SETFB6.tmp
2008-06-20 17:47 147,968 ------w C:\WINDOWS\system32\SETFB7.tmp
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2).dll
2007-10-09 19:13 2,539,808 ------w C:\Program Files\DVDFabHDDecrypter3200.exe
2007-10-06 13:09 774,144 ------w C:\Program Files\RngInterstitial.dll
2008-02-21 15:10 601,600 ----a-w C:\Program Files\mozilla firefox\plugins\MannequinPlayer2.dll
2007-06-05 15:33 32 -csha-w C:\WINDOWS\{42F21F2F-7EA5-40F2-AE8B-8DA531F8D6B8}.dat
2007-07-01 09:31 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
2007-06-05 15:33 32 --sha-w C:\WINDOWS\system32\{82BB5DD5-8CA0-400D-9149-38C06497D300}.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21fd0b23-527d-0da7-4bf1-f33dfc5f2dd0}]
2008-09-04 13:24 350208 --a------ C:\WINDOWS\system32\nsn27.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 11:42 68856]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2003-06-22 22:25 24576]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2003-01-01 20:13 155648]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-06-25 15:58 1209584]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 17:49 4739072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 16:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-09 20:38:41 125624]
TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2007-06-11 15:17:08 278528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2006-03-09 13:46 73728 C:\WINDOWS\system32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-06-25 15:58 1209584 C:\Program Files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
--------- 2007-06-05 17:47 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--------- 2006-01-12 16:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys [2006-08-30 15:19]
R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys [2006-09-26 01:43]
R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys [2006-09-26 01:44]
R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys [2006-10-26 15:54]
R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys [2006-10-30 12:05]
R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys [2006-09-26 01:23]
R2 MioNet;MioNet Service;C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 22:38]
R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys [2006-09-25 15:38]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
S2 UmxAgent;HIPS Event Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe []
S2 UmxCfg;HIPS Configuration Interpreter;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe []
S2 UmxPol;HIPS Policy Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\Info.exe folder.htt 480 480
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-09-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2007-10-22 C:\WINDOWS\Tasks\Connexion Facile à Internet.job
- C:\Program Files\Easy Internet signup\HPSdpApp.exe [2003-08-15 23:37]
2008-08-29 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe []
2008-08-29 C:\WINDOWS\Tasks\Norton Security Scan.job
- C:\Program Files\Norton Security Scan\Nss.exe [2007-09-18 23:42]
2008-09-07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
2008-09-06 C:\WINDOWS\Tasks\WebReg 20070826001513.job
- c:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 09:43]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\itew3x1s.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 14:56:10
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Temps d'accomplissement: 2008-09-07 15:03:01
ComboFix-quarantined-files.txt 2008-09-07 13:02:57
Pre-Run: 24,581,967,872 octets libres
Post-Run: 24,569,004,032 octets libres
326 --- E O F --- 2008-08-23 18:48:03
After a few days of rest, I'm sending you the ComboFix report.
What should I do?
I look forward to hearing from you.
ComboFix 08-08-27.05 - Propriétaire 2008-09-07 14:55:15.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.335 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.
- FONCTIONNALITES REDUITES -
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\install provider
C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\dao350.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-07 to 2008-09-07 ))))))))))))))))))))))))))))))))))))
.
2008-09-04 13:24 . 2008-09-04 13:24 350,208 --a------ C:\WINDOWS\system32\nsn27.dll
2008-09-01 16:31 . 2008-09-01 16:31 <REP> d-------- C:\Documents and Settings\Propriétaire\.gimp-2.4
2008-09-01 16:31 . 2008-09-01 16:31 <REP> d-------- C:\Documents and Settings\Propriétaire\.gimp-2.4
2008-08-27 13:10 . 2008-08-27 13:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2008-08-27 13:09 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-27 13:09 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-27 13:08 . 2008-08-27 13:09 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-27 13:08 . 2008-08-27 13:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-25 20:40 . 2008-08-25 20:40 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-25 17:07 . 2008-09-06 08:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-25 17:07 . 2008-08-25 17:07 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-25 15:41 . 2008-08-25 15:41 <REP> d-------- C:\WINDOWS\l2schemas
2008-08-23 18:23 . 2008-04-14 04:33 483,840 --a------ C:\WINDOWS\system32\SET122.tmp
2008-08-23 18:23 . 2008-04-14 04:33 52,736 --a------ C:\WINDOWS\system32\SET123.tmp
2008-08-23 18:23 . 2008-04-14 04:33 25,088 --a------ C:\WINDOWS\system32\SET127.tmp
2008-08-23 18:23 . 2008-04-14 04:33 19,456 --a------ C:\WINDOWS\system32\SET129.tmp
2008-08-23 18:23 . 2008-04-14 04:33 18,432 --a------ C:\WINDOWS\system32\SET125.tmp
2008-08-23 18:23 . 2008-04-14 04:33 6,656 --a------ C:\WINDOWS\system32\SETE6F.tmp
2008-08-23 18:22 . 2008-04-14 04:33 265,216 --a------ C:\WINDOWS\system32\SET134.tmp
2008-08-23 18:22 . 2008-04-14 04:33 82,432 --a------ C:\WINDOWS\system32\SET131.tmp
2008-08-23 18:22 . 2008-04-14 04:33 80,896 --------- C:\WINDOWS\system32\SETE72.tmp
2008-08-23 18:22 . 2008-04-14 04:33 19,968 --a------ C:\WINDOWS\system32\SET130.tmp
2008-08-23 18:22 . 2008-04-14 04:33 14,336 --a------ C:\WINDOWS\system32\SET12C.tmp
2008-08-23 18:20 . 2008-04-14 04:33 734,720 --a------ C:\WINDOWS\system32\SET168.tmp
2008-08-23 18:20 . 2008-04-14 04:33 579,584 --a------ C:\WINDOWS\system32\SET169.tmp
2008-08-23 18:20 . 2008-04-14 04:33 434,176 --a------ C:\WINDOWS\system32\SET162.tmp
2008-08-23 18:20 . 2008-04-14 04:33 430,592 --a------ C:\WINDOWS\system32\SET15C.tmp
2008-08-23 18:20 . 2008-04-14 04:33 406,016 --a------ C:\WINDOWS\system32\SET167.tmp
2008-08-23 18:20 . 2008-04-14 04:33 219,648 --a------ C:\WINDOWS\system32\SET165.tmp
2008-08-23 18:20 . 2008-04-14 04:33 178,176 --a------ C:\WINDOWS\system32\SET15A.tmp
2008-08-23 18:20 . 2008-04-14 04:33 133,632 --a------ C:\WINDOWS\system32\SET170.tmp
2008-08-23 18:20 . 2008-04-14 04:33 18,944 --a------ C:\WINDOWS\system32\SET15E.tmp
2008-08-23 18:20 . 2008-04-14 04:33 16,896 --a------ C:\WINDOWS\system32\SET16B.tmp
2008-08-23 18:18 . 2008-04-13 20:36 2,986,496 --a------ C:\WINDOWS\system32\SETE85.tmp
2008-08-23 18:17 . 2008-04-14 04:33 8,517,632 --a------ C:\WINDOWS\system32\SET1C6.tmp
2008-07-10 12:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-07-09 22:05 --------- d-----w C:\Program Files\LimeWire
2008-07-09 16:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-09 16:12 --------- d-----w C:\Program Files\inKline Global
2008-07-08 14:39 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Fuzzy Games
2008-07-08 12:18 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Total Eclipse
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es(3).dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es(2).dll
2008-07-07 20:28 253,952 ------w C:\WINDOWS\system32\SETF98.tmp
2008-07-07 20:19 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-07-07 15:05 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Gamelab
2008-06-24 16:44 74,240 ------w C:\WINDOWS\system32\SETFC5.tmp
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms(3).dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms(2).dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:47 247,808 ------w C:\WINDOWS\system32\SETFB6.tmp
2008-06-20 17:47 147,968 ------w C:\WINDOWS\system32\SETFB7.tmp
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2).dll
2007-10-09 19:13 2,539,808 ------w C:\Program Files\DVDFabHDDecrypter3200.exe
2007-10-06 13:09 774,144 ------w C:\Program Files\RngInterstitial.dll
2008-02-21 15:10 601,600 ----a-w C:\Program Files\mozilla firefox\plugins\MannequinPlayer2.dll
2007-06-05 15:33 32 -csha-w C:\WINDOWS\{42F21F2F-7EA5-40F2-AE8B-8DA531F8D6B8}.dat
2007-07-01 09:31 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
2007-06-05 15:33 32 --sha-w C:\WINDOWS\system32\{82BB5DD5-8CA0-400D-9149-38C06497D300}.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21fd0b23-527d-0da7-4bf1-f33dfc5f2dd0}]
2008-09-04 13:24 350208 --a------ C:\WINDOWS\system32\nsn27.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 11:42 68856]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2003-06-22 22:25 24576]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2003-01-01 20:13 155648]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-06-25 15:58 1209584]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 17:49 4739072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 16:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-09 20:38:41 125624]
TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2007-06-11 15:17:08 278528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2006-03-09 13:46 73728 C:\WINDOWS\system32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-06-25 15:58 1209584 C:\Program Files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
--------- 2007-06-05 17:47 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--------- 2006-01-12 16:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys [2006-08-30 15:19]
R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys [2006-09-26 01:43]
R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys [2006-09-26 01:44]
R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys [2006-10-26 15:54]
R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys [2006-10-30 12:05]
R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys [2006-09-26 01:23]
R2 MioNet;MioNet Service;C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 22:38]
R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys [2006-09-25 15:38]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
S2 UmxAgent;HIPS Event Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe []
S2 UmxCfg;HIPS Configuration Interpreter;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe []
S2 UmxPol;HIPS Policy Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\Info.exe folder.htt 480 480
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-09-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2007-10-22 C:\WINDOWS\Tasks\Connexion Facile à Internet.job
- C:\Program Files\Easy Internet signup\HPSdpApp.exe [2003-08-15 23:37]
2008-08-29 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe []
2008-08-29 C:\WINDOWS\Tasks\Norton Security Scan.job
- C:\Program Files\Norton Security Scan\Nss.exe [2007-09-18 23:42]
2008-09-07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
2008-09-06 C:\WINDOWS\Tasks\WebReg 20070826001513.job
- c:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 09:43]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\itew3x1s.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 14:56:10
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Temps d'accomplissement: 2008-09-07 15:03:01
ComboFix-quarantined-files.txt 2008-09-07 13:02:57
Pre-Run: 24,581,967,872 octets libres
Post-Run: 24,569,004,032 octets libres
326 --- E O F --- 2008-08-23 18:48:03es
jlpjlp
8 Sept. 2008 at 13:38
Scan these files on VirusTotal and paste the reports: https://www.virustotal.com/gui/
C:\WINDOWS\system32\nsn27.dll
C:\WINDOWS\system32\drivers\kmxcfg.u2k7
C:\WINDOWS\system32\SET122.tmp
C:\WINDOWS\system32\SET134.tmp
sylvie81
10 Sept. 2008 at 22:14
Sorry, but the PC had quite a few problems and t'chikiti helped me a lot. Thank you all the same for replying, and see you another day, bye-bye.
syl
27 Aug. 2008 at 18:02
Version de la base de données: 1088
Windows 5.1.2600 Service Pack 2
17:58:24 27/08/2008
mbam-log-08-27-2008 (17-57-57).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 167309
Temps écoulé: 2 hour(s), 41 minute(s), 22 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{48dc6ffb-64d7-42e8-949d-8ef2641eb73a} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{b4094603-dda9-4caf-9b13-0ad1034c9c53} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MySidesearch (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21fd0b23-527d-0da7-4bf1-f33dfc5f2dd0} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{21fd0b23-527d-0da7-4bf1-f33dfc5f2dd0} (Adware.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP237\A0029338.dll (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP237\A0029341.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\nsjA.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\nsuBF.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> No action taken.
C:\Documents and Settings\Propriétaire\Application Data\urlredir.cfg (Adware.RightOnAds) -> No action taken.
C:\WINDOWS\system32\nsi23C.dll (Adware.BHO) -> No action taken.
-----------\\ ToolBar S&D 1.0.3 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propri‚taire ] [ "C:\ToolBar SD" ] [ Selection : 1 ]
[ 27/08/2008 | 18:00:25,20 ] [ PC : SYLVIE ]
[ MAJ : 08-07-2008 | 22:24 ]
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [HKCU\..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
-----------\\ Fin du rapport a 18:01:28,15
There you go, those are my reports. Can you see what needs to be done?
See you later