vpey

bonjour, Tout est dans le titre. Voila ci-dessous le rapport. Merci pour votre aide. *************************************** Logfile of HijackThis v1.99.1 Scan saved at 16:55:04, on 17/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\SimpleCenter\bin\win\sclauncher.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Messenger\MSMSGS.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\ctfmon.exe C:\documents and settings\mathieu olivier\local settings\application data\iueymgo.exe C:\Program Files\Controle Parental\bin\optproxy.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://kingkongsearch.com/search-kkc-hm.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kingkongsearch.com/search-kkc-hm.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {4FDDEB42-B849-4CBB-88D2-6D365CB942AC} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: XBTB06872 - {5FCB2823-9A85-48AF-8368-0D8D7A0C5E55} - C:\Program Files\IEToolbar\4 Search w google search\4search.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: 4 Search w google search - {0C9A45D1-6DF3-4615-9353-07FB5EE9B507} - C:\Program Files\IEToolbar\4 Search w google search\4search.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Wanadoo Messager.exe] "C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe" /background O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s" O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\Hewlett-Packard\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_S3B.tmp" /EF "HKCU" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iueymgo] "c:\documents and settings\mathieu olivier\local settings\application data\iueymgo.exe" iueymgo O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1102016039078 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Bonjour, Connaissez vous une boite ou un site qui propose de vous racheter vos cartouches d'imprimantes non utilisées (pleines)? ( à part les mettre sur ebay!!!) Merci

Bonjour, J'utiise aujourd'hui Delrina Fax pour envoyer des fax. Mon problème est que Delrina Fax ne gère que 2 ports série et donc je ne peux envoyer que 2 fax simultanément. Connaissez-vous des logiciels Fax qui me permettrait de gérer 4 ou 5 ports série pour pourvoir envoyer plusieurs fax en même temps. Merci

Le fichier C:\WINNT\TEMP\RA569D.EXE n'existe pas sur mon disque. Ci dessous le rapport JavaRa : JavaRa 1.10 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Jul 17 17:06:55 2008 Found and removed: C:\Program Files\Java\j2re1.4.2_13 Found and removed: C:\Program Files\Java\jre1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03 Found and removed: Software\JavaSoft\Java2D\1.6.0_03 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\JavaPlugin.160_03 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142130} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23B06123E6D18D74FA6711404FCAC1B8 ------------------------------------ Finished reporting. et le rapport Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:11:08, on 17/07/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Symantec\pcAnywhere\awhost32.exe C:\WINNT\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINNT\TEMP\PXDE0A.EXE C:\WINNT\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\Smtray.exe C:\WINNT\system32\RUNDLL32.EXE C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Zetafax\ZETAFAX.EXE M:\prog91\bin\prowin32.exe C:\PROGRA~1\WINZIP\wzqkpick.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [igfxTray] C:\WINNT\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: ADSL.BAT O4 - Startup: ZETAFAX.lnk = C:\Program Files\Zetafax\ZETAFAX.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Scan en temps réel Trend Micro Client/Server Security Agent (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: Pare-feu personnel Trend Micro Client/Server Security Agent (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Trend Micro Client-Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe -- End of file - 5660 bytes

Et je fais comment pour les cloturer car j'ai soldé les autres sujets

Voici le rapport d'un pc que je trouve ralenti. Trouvez-vous des choses anormales ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:38:47, on 16/07/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Symantec\pcAnywhere\awhost32.exe C:\WINNT\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINNT\TEMP\RA569D.EXE C:\WINNT\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\Smtray.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINNT\system32\RUNDLL32.EXE C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINNT\system32\internat.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Zetafax\ZETAFAX.EXE C:\WINNT\system32\wuauclt.exe M:\prog91\bin\prowin32.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [igfxTray] C:\WINNT\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s" O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - Startup: ADSL.BAT O4 - Startup: ZETAFAX.lnk = C:\Program Files\Zetafax\ZETAFAX.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Scan en temps réel Trend Micro Client/Server Security Agent (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: Pare-feu personnel Trend Micro Client/Server Security Agent (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Trend Micro Client-Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe -- End of file - 6615 bytes

Internet Explorer OK Windows Update OK ça a l'air de marcher. Je continue les tests mais dèjà merci beaucoup pour toute cette aide et peut être à bientôt sur le forum

Le pc a l'air de fonctionnait normalement hormis si j'essaie d'ouvrir internet explorer : 1- impossible de lancer Internet explorer. message d'erreur "Microsoft a rencontré un problème et doit fermer ...." 2- impossible de finir l'installation de windows update

* Postez le rapport ici.[/color] SDFix: Version 1.182 Run by atelier2008 on 09/07/2008 at 16:07 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-09 16:12:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper" "C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC" "C:\\WINDOWS\\system32\\tlntsvr.exe"="C:\\WINDOWS\\system32\\tlntsvr.exe:*:Enabled:Telnet" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Fri 13 May 2005 217,073 A.SHR --- "C:\WINDOWS\meta4.exe" Mon 3 Mar 2008 3,414 A.SH. --- "C:\WINDOWS\mlkklm.tmp" Sun 2 Sep 2007 102,840 A.SHR --- "C:\WINDOWS\spolis.exe" Tue 6 May 2008 86,016 ..SH. --- "C:\Documents and Settings\atelier2008\lsass.exe" Fri 27 Oct 2006 1,108,480 A..H. --- "C:\MARC1\dossier FLEXPICKER\~WRL0001.tmp" Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll" Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll" Tue 21 Jun 2005 45,568 A.SHR --- "C:\WINDOWS\system32\cygz.dll" Wed 3 May 2006 163,328 A.SHR --- "C:\WINDOWS\system32\flvDX.dll" Sun 25 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll" Sun 2 Sep 2007 102,840 A.SHR --- "C:\WINDOWS\system32\LeChucK.exe" Wed 21 Feb 2007 31,232 A.SHR --- "C:\WINDOWS\system32\msfDX.dll" Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe" Sun 25 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll" Mon 12 Feb 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sun 26 Jun 2005 616,448 A.SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll" Tue 21 Jun 2005 45,568 A.SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll" Sat 26 Jan 2008 72,704 A.SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Fri 19 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Tue 4 Jun 2002 84,992 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Sun 9 Jun 2002 36,864 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll" Tue 4 Jun 2002 20,480 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 102,437 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll" Tue 10 Dec 2002 176,165 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 208,935 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sun 9 Jun 2002 40,448 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll" Sun 4 Nov 2001 225,280 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 232,960 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Sun 9 Jun 2002 525,824 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll" Tue 10 Dec 2002 245,805 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll" Tue 10 Dec 2002 45,093 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll" Tue 10 Dec 2002 98,341 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll" Tue 10 Dec 2002 94,247 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll" Tue 10 Dec 2002 90,151 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll" Tue 10 Dec 2002 102,439 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Sun 9 Jun 2002 49,152 A..HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll" Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\BIT1.tmp" Tue 17 Jun 2008 14,771,744 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8171d23d6d072d8b50d065ca55a754fb\BITB.tmp" Tue 3 Jun 2008 532,008 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c7a938840821681a70686ad12465b831\BIT5.tmp" Tue 17 Jun 2008 2,397,600 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f6f71aab218464dc16c129348c36ff39\BIT3.tmp" Tue 3 Jun 2008 8,502,904 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\fa7431e5b6c6ef5b2a4a86419ca21980\BIT1.tmp" Tue 17 Jun 2008 166,432 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d24a4b9dfbec6c7724afa24733a7ee2f\download\BIT4.tmp" Finished! et un nouvel hijackthis, svp. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:15, on 2008-07-09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing) O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll (file missing) O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207044146335 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1213727724045 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: B&R Disk Image (BrDiskImageSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\Pvi\Tools\PVITransfer\BrDiskImageSvc.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6389 bytes

Enfin, ça marche ******************************* Voici le rapport Combofix : ******************************* ComboFix 08-07-08.5 - atelier2008 2008-07-09 8:27:39.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.182 [GMT 2:00] Endroit: C:\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf C:\Documents and Settings\atelier2008\Application Data\macromedia\Flash Player\#SharedObjects\GZ66EKNG\www.broadcaster.com C:\Documents and Settings\atelier2008\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com C:\Documents and Settings\atelier2008\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol C:\Documents and Settings\slatelier\Application Data\macromedia\Flash Player\#SharedObjects\GZ66EKNG\www.broadcaster.com C:\Documents and Settings\slatelier\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com C:\Documents and Settings\slatelier\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol C:\WINDOWS\BM53bef932.txt C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\regedit.com C:\WINDOWS\system32\ajjwklun.dll C:\WINDOWS\system32\befNnnnn.ini C:\WINDOWS\system32\befNnnnn.ini2 C:\WINDOWS\system32\cmd.com C:\WINDOWS\system32\cmnyqbox.ini C:\WINDOWS\system32\dirhgckn.dll C:\WINDOWS\system32\EfLlRqru.ini C:\WINDOWS\system32\EfLlRqru.ini2 C:\WINDOWS\system32\fo-remove.exe C:\WINDOWS\system32\hasnbfdp.ini C:\WINDOWS\system32\igwgsjix.dll C:\WINDOWS\system32\ijjjPqss.ini C:\WINDOWS\system32\ijjjPqss.ini2 C:\WINDOWS\system32\lclkncsr.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mjupiggw.dll C:\WINDOWS\system32\MSINET.oca C:\WINDOWS\system32\msxsaxgt.ini C:\WINDOWS\system32\nubgpbqu.dll C:\WINDOWS\system32\nvs2.inf C:\WINDOWS\system32\pac.txt C:\WINDOWS\system32\pvmtyfbu.dll C:\WINDOWS\system32\qmpjnlkd.dll C:\WINDOWS\system32\rscnklcl.dll C:\WINDOWS\system32\sluseypy.dll C:\WINDOWS\system32\tgxasxsm.dll C:\WINDOWS\system32\wggipujm.ini C:\WINDOWS\system32\wins.exe C:\WINDOWS\system32\wmpohodu.ini C:\WINDOWS\system32\xijsgwgi.ini C:\WINDOWS\system32\xobqynmc.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DOMAINSERVICE -------\Legacy_POWERMANAGER ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-09 to 2008-07-09 )))))))))))))))))))))))))))))))))))) . 2008-07-09 14:58 . 2008-07-09 14:57 4,097 --a------ C:\VirusBdRRepair.vbs 2008-07-09 12:38 . 2006-03-02 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex 2008-07-09 12:37 . 2006-03-02 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll 2008-07-09 12:36 . 2006-03-02 14:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll 2008-07-09 12:35 . 2006-03-02 14:00 290,816 --a--c--- C:\WINDOWS\system32\dllcache\adsiis51.dll 2008-07-09 12:35 . 2006-03-02 14:00 47,104 --a--c--- C:\WINDOWS\system32\dllcache\coadmin.dll 2008-07-09 12:35 . 2006-03-02 14:00 43,520 --a--c--- C:\WINDOWS\system32\dllcache\admwprox.dll 2008-07-09 12:30 . 2006-03-02 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe 2008-07-09 12:30 . 2008-07-09 12:30 749 -rah----- C:\WINDOWS\WindowsShell.Manifest 2008-07-09 12:30 . 2008-07-09 12:30 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest 2008-07-09 12:30 . 2008-07-09 12:30 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest 2008-07-09 12:30 . 2008-07-09 12:30 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest 2008-07-09 12:30 . 2008-07-09 12:30 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest 2008-07-09 12:30 . 2008-07-09 12:30 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest 2008-07-09 12:26 . 2004-08-19 16:09 154,112 --a------ C:\WINDOWS\system32\irftp.exe 2008-07-09 12:26 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys 2008-07-09 12:26 . 2004-08-19 16:09 28,160 --a------ C:\WINDOWS\system32\irmon.dll 2008-07-09 12:26 . 2004-08-19 16:09 8,192 --a------ C:\WINDOWS\system32\wshirda.dll 2008-07-09 12:15 . 2001-08-17 21:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys 2008-07-09 08:41 . 2008-07-05 16:46 <REP> d-------- C:\327882R2FWJFW 2008-07-09 08:26 . 2008-07-09 08:25 2,608,075 --a------ C:\Combo-Fix.exe 2008-07-08 17:41 . 2008-07-08 17:41 <REP> d-------- C:\Program Files\Trend Micro 2008-07-08 17:40 . 2008-05-14 13:55 812,344 --a------ C:\HJTInstall.exe 2008-07-02 07:58 . 2008-07-02 07:58 <REP> d-------- C:\Documents and Settings\atelier2008\Application Data\Spamihilator 2008-07-02 07:22 . 2008-07-02 07:58 <REP> d-------- C:\Program Files\Spamihilator 2008-06-27 09:58 . 2008-05-06 22:02 86,016 ---hs---- C:\Documents and Settings\atelier2008\lsass.exe 2008-06-26 13:12 . 2007-01-19 23:19 <REP> d--h----- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Voisinage r‚seau 2008-06-26 13:12 . 2007-01-19 23:19 <REP> d--h----- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Voisinage d'impression 2008-06-26 13:12 . 2008-03-26 15:35 <REP> d--h----- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\ModŠles 2008-06-26 13:12 . 2007-01-19 23:19 <REP> d-------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Mes documents 2008-06-26 13:12 . 2007-01-19 23:19 <REP> dr------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Menu D‚marrer 2008-06-26 13:12 . 2007-01-19 23:19 <REP> d-------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Favoris 2008-06-26 13:12 . 2007-01-19 23:19 <REP> d-------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Bureau 2008-06-26 13:12 . 2008-05-29 05:41 <REP> d-------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6\Application Data\ACD Systems 2008-06-26 13:12 . 2008-07-02 07:05 <REP> d-------- C:\Documents and Settings\atelier2008.WINDOWS-24655A6 2008-06-25 15:56 . 2008-06-25 15:58 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-06-25 15:53 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002737_.tmp 2008-06-25 10:56 . 2008-06-25 10:56 <REP> d-------- C:\Program Files\Windows Installer 4.5 SDK 2008-06-24 14:04 . 2008-06-24 14:04 <REP> d-------- C:\Program Files\PicLensIE 2008-06-20 14:10 . 2008-06-20 14:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-06-20 13:47 . 2008-06-20 13:47 <REP> d-------- C:\Program Files\Lavalys 2008-06-19 19:45 . 2008-06-19 19:45 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2008-06-19 19:45 . 2008-06-19 19:45 <REP> d-------- C:\Program Files\Microsoft Visual Studio .NET 2003 2008-06-19 19:45 . 2008-06-19 19:45 <REP> d-------- C:\Program Files\Microsoft Visual Studio .NET 2008-06-19 19:38 . 2008-06-19 19:43 696 --a------ C:\haspemul.reg 2008-06-19 13:48 . 2008-06-19 13:51 <REP> d-------- C:\Program Files\Antipub 2008-06-18 13:36 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-06-18 13:36 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-06-17 20:04 . 2008-06-17 20:04 120 --a------ C:\WINDOWS\Winchat.ini 2008-06-17 18:53 . 2008-06-17 18:53 126 --a------ C:\WINDOWS\system32\MMC.exe.config . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-23 16:55 --------- d-----w C:\Program Files\Alwil Software 2008-06-23 11:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-06-20 12:10 --------- d-----w C:\Program Files\Fichiers communs\ACD Systems 2008-06-20 12:06 --------- d-----w C:\Program Files\DivX 2008-05-07 18:09 5,776 ----a-w C:\WINDOWS\ upd.dll 2008-05-07 11:21 2,829 ----a-w C:\WINDOWS\ IEXPLORE.PIF 2008-04-13 17:33 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll 2007-06-20 15:05 47,360 ----a-w C:\Documents and Settings\slatelier\Application Data\pcouffin.sys 2007-06-20 15:05 47,360 ----a-w C:\Documents and Settings\atelier2008\Application Data\pcouffin.sys 2007-06-04 17:13 17,929,072 ----a-w C:\Program Files\Install_Messenger.exe 2007-05-04 07:52 384 ----a-w C:\Documents and Settings\slatelier\Application Data\internaldb6334.dat 2007-05-04 07:52 384 ----a-w C:\Documents and Settings\atelier2008\Application Data\internaldb6334.dat 2007-05-04 07:49 194 ----a-w C:\Documents and Settings\slatelier\Application Data\internaldb8467.dat 2007-05-04 07:49 194 ----a-w C:\Documents and Settings\atelier2008\Application Data\internaldb8467.dat 2007-05-04 07:49 18,432 ----a-w C:\Documents and Settings\slatelier\Application Data\internaldb41.dat 2007-05-04 07:49 18,432 ----a-w C:\Documents and Settings\atelier2008\Application Data\internaldb41.dat 2004-05-25 18:59 212,992 ----a-w C:\Program Files\Fichiers communs\progress software 2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe 2008-03-05 07:03 3,414 --sha-w C:\WINDOWS\mlkklm.ini2 2007-09-02 18:52 102,840 --sha-r C:\WINDOWS\spolis.exe 2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\system32\flvDX.dll 2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2007-09-02 18:52 102,840 --sha-r C:\WINDOWS\system32\LeChucK.exe 2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\system32\msfDX.dll 2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 12:15 7311360] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-24 12:15 86016] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 03:11 925696] "LSA Shellu"="C:\Documents and Settings\atelier2008\lsass.exe" [2008-05-06 22:02 86016] "nwiz"="nwiz.exe" [2006-01-24 12:15 1519616 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableCAD"= 0 (0x0) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoClose"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.yv12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^atelier2008^Menu Démarrer^Programmes^Démarrage^Anti-Pub.lnk] path=C:\Documents and Settings\atelier2008\Menu Démarrer\Programmes\Démarrage\Anti-Pub.lnk backup=C:\WINDOWS\pss\Anti-Pub.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2006-03-02 14:00 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iousc] --a------ 2008-06-30 17:17 380928 c:\Documents and Settings\atelier2008\Local Settings\Application Data\iousc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSA Shellu] ---hs---- 2008-05-06 22:02 86016 C:\Documents and Settings\atelier2008\lsass.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2008-04-13 19:34 1695232 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2006-01-24 12:15 7311360 C:\WINDOWS\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a------ 2006-01-24 12:15 86016 C:\WINDOWS\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-02-13 12:46 98304 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a------ 2005-05-20 03:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spamihilator] --a------ 2008-04-05 15:17 1060864 C:\Program Files\Spamihilator\spamihilator.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2008-01-25 10:42 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2006-01-24 12:15 1519616 C:\WINDOWS\system32\nwiz.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R1 PBUS;PBUS;C:\WINDOWS\system32\drivers\PBUS.sys [2001-09-19 10:56] S3 BrDiskImageSvcx;B&R Disk Image;C:\BrAutomation\Pvi\Tools\PVITransfer\BrDiskImageSvc.exe [2006-04-06 18:56] S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-05-12 17:24] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 14:00] S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b123ffe4-928e-11dc-8bd8-0018f3d4490a}] \Shell\Auto\command - Start.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4848d76-ac6a-11db-9db1-0018f3d4490a}] \Shell\Auto\command - F:\Start.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1C61F025-E41F-958E-0606-070204080802}] C:\WINDOWS\test.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-07-09 13:04:25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{52CCCE1F-6AD6-44E6-8672-7C497A6D2CFA}.job" - C:\WINDOWS\system32\msfeedssync.exe . - - - - ORPHANS REMOVED - - - - BHO-{0FDB4C5D-F715-4C75-9449-C750686367C0} - C:\WINDOWS\system32\ssqPjjji.dll BHO-{A9EE832B-B412-4A0E-94C1-7C1B777E9277} - C:\WINDOWS\system32\urqRlLfE.dll BHO-{B8A42496-7C38-426F-9DEA-46929D38EBE4} - C:\WINDOWS\system32\nnnnNfeb.dll HKLM-Run-BM53bef932 - C:\WINDOWS\system32\ajjwklun.dll HKU-Default-Run-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Notify-dattil - dattil.dll Notify-dskt97 - dskt97.dll Notify-tuvWQGwv - tuvWQGwv.dll MSConfigStartUp-508dcaae - C:\WINDOWS\system32\tgxasxsm.dll MSConfigStartUp-ares - C:\Program Files\Ares\Ares.exe MSConfigStartUp-avast! - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe MSConfigStartUp-BM53bef932 - C:\WINDOWS\system32\ajjwklun.dll MSConfigStartUp-mscdti - C:\WINDOWS\cdti.exe MSConfigStartUp-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-09 15:00:34 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe -> C:\Documents and Settings\atelier2008\lsass.exe . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\rundll32.exe . ************************************************************************** . Temps d'accomplissement: 2008-07-09 15:07:39 - machine was rebooted ComboFix-quarantined-files.txt 2008-07-09 13:07:35 Pre-Run: 62,782,545,920 octets libres Post-Run: 63,499,988,992 octets libres 255 --- E O F --- 2008-07-09 06:20:21 Maintenant le rapport ELIBAGLA : ************************************** Wed Jul 09 15:10:13 2008 EliBagle v11.57 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): Wed Jul 09 15:10:41 2008 EliBagle v11.57 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 6264 Nº Total de Ficheros: 57821 Nº de Ficheros Analizados: 11153 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0 ET LE RAPPORT HIJACKTHIS : *********************************** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:16, on 2008-07-09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Documents and Settings\atelier2008\lsass.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (file missing) O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll (file missing) O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\atelier2008\lsass.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207044146335 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1213727724045 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: B&R Disk Image (BrDiskImageSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\Pvi\Tools\PVITransfer\BrDiskImageSvc.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6418 bytes VOILA LES 3 RAPPORTS

il me trouve aucun de ces fichiers à supprimer

Bonjour, c'est encore la même chose que précédement. Windows me demande avec quelle application je veux lancer le .exe J'ai fait une ré-installation Xp Pro par dessus. C'est toujours pareil. Qu'est-ce que je fais, je formate et je ré-installe ou je tente autre chose ??

Bonjour, Impossible également de lancer combofix.exe Windows me demande avec quelle application je veux lancer le .exe ça sent pas bon. Je fais quoi d'après vous ?

Bonjour, J'ai un de mes pc qui me pose problème: 1-J'ai de la pub sans arret. 2-Je n'arrive pas à accèder à C: par le poste de travail. Je le vois mais dès que je clique dessus j'ai l'erreur "l'application c: ne peutê tre éxécutée en mode Win32". Alors que j'arrive à acceder à mes lettres réseau. 3-Je n'arrive pas à lancer de rapport Hijackthis. Je fais quoi d'après vous . Je reformate ou vous avez une autre solution ? Merci de votre réponse

Ok, ça a l'air de mieux fonctionner. Merci pour le moment et si jamais j'ai un problème je re-poste un message. A+

Le voila: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:27, on 2008-06-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe C:\WINDOWS\system32\TODDSrv.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINDOWS\TEMP\ZF1DF2.EXE c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\WINDOWS\system32\TPSMain.exe C:\WINDOWS\system32\TDispVol.exe C:\WINDOWS\system32\ZoomingHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://172.16.1.5/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TDispVol] TDispVol.exe O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [setAudioDevice] "c:\windows\oemdrv\swhelper\XP_SetAnalogToDefault.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WellPhone XT Sagem] "C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - https://projets.oleane.com/qp2.cab O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - http://www.fruits-et-legumes.net/download/CfxIEAx.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1204783174282 O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nicolas.siege O17 - HKLM\Software\..\Telephony: DomainName = nicolas.siege O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nicolas.siege O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Scan en temps réel Trend Micro Client/Server Security Agent (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: Pare-feu personnel Trend Micro Client/Server Security Agent (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe O23 - Service: SmartcomSCPService - Smartcom - C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe O23 - Service: Trend Micro Client-Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 12399 bytes

Voici le nouveau rapport : ComboFix 08-06-20.4 - nicolas 2008-06-25 12:02:00.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1402 [GMT 2:00] Endroit: C:\Documents and Settings\nicolas\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\nicolas\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\system32\byXNgdDu.dll C:\WINDOWS\system32\pmnKeCsR.dll C:\WINDOWS\system32\porbcsjv.dll C:\WINDOWS\system32\rqRHwVoN.dll C:\WINDOWS\system32\vjscbrop.ini . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\porbcsjv.dll C:\WINDOWS\system32\vjscbrop.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-25 to 2008-06-25 )))))))))))))))))))))))))))))))))))) . 2008-06-25 09:51 . 2008-06-25 09:45 2,037,114 --a------ C:\ComboFix.exe 2008-06-23 17:16 . 2008-05-14 13:55 812,344 --a------ C:\HJTInstall.exe 2008-06-23 17:08 . 2008-05-15 21:21 570,657 --a------ C:\Navilog1.exe 2008-06-23 10:32 . 2008-06-23 17:14 <REP> d-------- C:\Program Files\Navilog1 2008-06-21 23:05 . 2008-06-23 07:56 544 --a------ C:\WINDOWS\wininit.ini 2008-06-21 22:35 . 2008-06-25 11:52 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-06-21 22:35 . 2008-06-25 11:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-16 07:11 . 2008-06-16 07:11 <REP> d-------- C:\Program Files\LogicFunctions 2008-06-10 21:54 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-10 21:54 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-10 21:54 . 2008-05-08 14:28 202,752 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-06-04 22:56 . 2008-06-04 22:56 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Apple Computer 2008-06-04 22:55 . 2008-06-04 22:56 <REP> d-------- C:\Program Files\iTunes 2008-06-04 22:55 . 2008-06-04 22:55 <REP> d-------- C:\Program Files\iPod 2008-06-04 22:55 . 2008-06-04 22:55 <REP> d-------- C:\Program Files\Fichiers communs\Apple 2008-06-04 22:50 . 2008-06-04 22:50 <REP> d-------- C:\Program Files\Apple Software Update 2008-06-04 22:50 . 2008-06-04 22:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2008-06-02 18:18 . 2008-06-02 18:18 1,507 --a------ C:\WINDOWS\system32\Adiboud'chou.lnk 2008-06-02 18:17 . 2008-06-02 18:17 <REP> d-------- C:\coktel 2008-05-26 16:03 . 2008-06-25 12:05 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-05-26 16:03 . 2008-06-04 22:56 1,409 --a------ C:\WINDOWS\QTFont.for 2008-05-26 16:02 . 2008-05-26 16:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-26 15:59 . 2008-05-26 16:03 <REP> d-------- C:\Program Files\QuickTime 2008-05-26 15:45 . 2008-05-26 15:45 <REP> d-------- C:\Program Files\iWizz 2008-05-26 15:45 . 2008-05-31 15:37 <REP> d-------- C:\Documents and Settings\nicolas\iWizz 2008-05-26 15:45 . 2008-05-26 15:45 <REP> d-------- C:\Documents and Settings\nicolas\.bitrock . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-25 09:50 --------- d-----w C:\Program Files\Microsoft Works 2008-06-25 09:47 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Skype 2008-06-25 07:16 --------- d-----w C:\Documents and Settings\nicolas\Application Data\skypePM 2008-06-25 07:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-06-23 15:16 --------- d-----w C:\Program Files\Trend Micro 2008-05-19 20:08 --------- d-----w C:\Documents and Settings\nicolas\Application Data\InterVideo 2008-05-18 18:44 --------- d-----w C:\Program Files\Google 2008-05-17 19:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-04-29 07:27 --------- d-----w C:\Program Files\SmartCom 2008-04-29 07:27 --------- d-----w C:\Program Files\Fichiers communs\SmartCom 2008-04-26 17:32 --------- d-----w C:\Program Files\VirginMega 2008-04-26 17:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-04-02 08:48 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2006-12-12 10:13 32,768 ----a-w C:\Documents and Settings\All Users\Application Data\EBLib.dll 2006-07-28 15:25 19,456 ----a-w C:\Documents and Settings\All Users\Application Data\LPCFilter.sys . ((((((((((((((((((((((((((((( snapshot@2008-06-25_10.31.09.54 ))))))))))))))))))))))))))))))))))))))))) . - 2008-03-11 11:16:13 997,992 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll + 2008-06-25 09:49:44 1,000,848 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll - 2008-03-11 11:16:13 1,100,392 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2008-06-25 09:50:33 1,103,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll - 2008-03-11 11:16:14 141,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2008-06-25 09:50:34 144,784 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll - 2008-03-11 11:16:14 408,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll + 2008-06-25 09:50:42 411,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll - 2008-03-11 11:16:14 35,448 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll + 2008-06-25 09:50:39 38,304 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll - 2008-03-11 11:16:14 461,416 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll + 2008-06-25 09:50:24 464,272 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll - 2008-03-11 11:16:14 223,856 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2008-06-25 09:50:44 226,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll - 2008-03-11 11:16:14 20,080 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll + 2008-06-25 09:50:27 22,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll - 2008-03-11 11:16:14 662,120 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2008-06-25 09:50:50 664,968 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2008-03-11 11:16:13 371,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll + 2008-06-25 09:50:26 374,152 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll - 2008-03-11 11:16:14 64,088 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2008-06-25 09:50:06 66,936 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2008-03-11 11:16:14 223,800 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2008-06-25 09:49:55 226,656 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL - 2008-06-25 08:27:12 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-25 10:04:37 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys + 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys + 2008-03-11 11:16:13 997,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\ACCESS.DLL + 2003-07-15 10:13:58 166,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL + 2003-07-15 05:43:20 87,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL + 2003-07-15 05:57:34 38,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL + 2003-07-15 05:53:06 94,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\AW.DLL + 2003-07-14 21:53:24 60,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\BLNMGR.DLL + 2003-07-14 21:53:22 46,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL + 2003-07-15 02:14:28 350,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL + 2003-07-15 10:18:12 47,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE + 2003-07-26 01:57:20 75,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL + 2003-07-15 05:56:54 14,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\DSITF.DLL + 2003-07-15 05:57:14 98,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\DSSM.EXE + 2003-07-31 22:19:52 131,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL + 2003-08-13 09:34:38 10,073,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE + 2008-03-11 11:16:13 1,100,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL + 2003-07-15 05:41:44 13,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FINDER.EXE + 2002-10-07 16:49:36 192,573 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FORM.DLL + 2008-03-11 11:16:13 371,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL + 2003-07-24 06:01:40 1,949,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL + 2003-07-15 06:36:14 186,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL + 2003-07-15 05:40:12 179,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL + 2003-07-26 02:00:16 1,157,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL + 2003-07-26 02:14:50 799,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL + 2003-07-15 06:11:42 2,139,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE + 2008-03-11 11:16:14 141,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL + 2003-07-15 05:53:50 161,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\IETAG.DLL + 2003-07-24 05:32:32 121,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL + 2003-05-28 22:42:48 514,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\INTLNAME.DLL + 2003-06-19 00:31:44 758,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL + 2003-06-19 00:31:10 252,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL + 2003-06-19 00:31:48 17,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL + 2003-06-19 00:31:48 18,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL + 2003-06-19 00:31:46 35,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL + 2003-06-19 00:31:34 443,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL + 2003-05-28 22:42:50 342,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\METCONV.DLL + 2003-07-15 05:46:08 176,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MIMEDIR.DLL + 2003-07-15 06:01:44 445,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MODHELP.DLL + 2003-08-15 07:54:08 6,627,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE + 2003-07-15 10:13:58 130,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL + 2003-07-15 05:57:14 124,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL + 2003-07-15 06:12:22 47,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL + 2003-07-14 21:58:04 230,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL + 2003-07-15 05:56:14 40,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSE7.EXE + 2003-07-15 05:51:44 87,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL + 2003-07-15 10:14:00 139,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL + 2003-07-15 05:52:52 17,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSMH.DLL + 2003-08-08 07:23:16 12,172,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSO.DLL + 2003-07-14 21:57:16 120,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL + 2003-07-15 02:14:18 106,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL + 2003-07-23 21:35:26 127,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL + 2003-07-15 05:52:52 27,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL + 2003-07-15 05:44:06 25,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL + 2003-07-15 05:52:56 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE + 2003-07-15 05:56:16 54,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL + 2003-07-15 10:18:52 376,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL + 2003-07-14 21:52:54 28,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL + 2003-07-15 05:52:52 35,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL + 2003-07-15 05:53:00 55,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOSVABW.DLL + 2003-07-15 05:53:20 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL + 2003-07-15 05:46:16 42,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL + 2003-07-15 05:45:12 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE + 2003-07-15 05:45:12 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL + 2003-06-19 00:31:24 1,033,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL + 2003-06-19 00:31:54 788,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL + 2003-06-19 00:31:50 16,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL + 2003-06-19 23:05:52 128,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE + 2003-06-19 23:05:50 364,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE + 2003-07-15 06:02:42 637,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE + 2003-07-15 05:52:58 41,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSSH.DLL + 2008-03-11 11:16:14 20,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL + 2003-07-15 06:02:14 627,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE + 2003-07-15 05:56:24 124,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE + 2003-07-24 05:40:00 482,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL + 2003-07-15 06:00:54 145,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL + 2003-07-15 05:57:10 56,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\NAME.DLL + 2003-07-15 05:56:52 13,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL + 2003-06-19 00:31:58 6,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL + 2008-03-11 11:16:14 223,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL + 2003-07-15 10:14:26 283,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OIS.EXE + 2003-07-15 10:14:26 828,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL + 2003-07-15 10:14:26 27,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL + 2003-07-15 10:14:26 242,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL + 2008-03-11 11:16:14 35,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OLCTLPIA.DLL + 2003-07-15 06:05:24 1,054,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OMFC.DLL + 2003-07-15 06:05:24 1,054,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OMFC.DLL_0002 + 2003-07-14 21:53:08 95,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OSA.EXE + 2003-07-15 05:41:56 24,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL + 2003-07-15 05:44:34 102,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL + 2003-08-10 06:06:42 7,522,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL + 2003-07-15 05:44:32 88,128 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL + 2003-07-15 05:45:18 196,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLOOK.EXE + 2003-07-15 05:43:48 139,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLPH.DLL + 2008-03-11 11:16:14 408,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLPIA.DLL + 2003-07-15 05:43:18 64,056 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL + 2003-07-15 05:43:16 49,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL + 2003-08-04 20:19:34 7,330,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OWC10.DLL + 2003-08-01 22:09:04 8,086,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OWC11.DLL + 2008-03-11 11:16:14 461,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL + 2003-07-30 19:40:40 6,133,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE + 2003-07-15 10:18:54 430,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL + 2003-07-15 10:18:44 93,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL + 2008-03-11 11:16:14 223,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\PPTPIA.DLL + 2003-07-31 22:21:08 1,782,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE + 2002-10-07 17:11:00 167,997 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\PSOM.DLL + 2003-07-15 05:42:26 37,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\RECALL.DLL + 2003-05-09 04:54:00 77,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL + 2003-07-15 05:57:08 40,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL + 2002-10-07 16:49:42 81,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL + 2003-07-15 05:43:30 74,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\RM.DLL + 2003-07-21 18:46:38 390,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL + 2003-07-15 05:57:18 349,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE + 2003-07-15 05:44:16 66,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL + 2003-07-14 21:57:08 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL + 2003-08-06 20:31:22 362,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SETLANG.EXE + 2003-07-15 05:53:14 11,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE + 2003-08-06 20:26:18 445,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\SOA.DLL + 2003-08-03 17:52:32 2,808,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL + 2002-10-07 16:53:04 106,561 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL + 2003-07-15 06:00:22 99,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL + 2002-10-07 16:50:44 241,729 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL + 2002-10-07 16:51:04 180,289 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL + 2002-10-07 16:51:14 147,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL + 2002-10-07 16:51:20 102,467 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL + 2002-10-07 16:50:04 118,847 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL + 2002-10-07 16:49:56 81,983 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL + 2002-10-07 16:51:44 221,252 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL + 2003-07-15 05:57:40 59,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE + 2003-07-03 22:19:36 2,502,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\VBE6.DLL + 2008-03-11 11:16:14 64,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL + 2003-08-06 20:24:20 12,037,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE + 2008-03-11 11:16:14 662,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL + 2002-10-07 17:03:34 1,794,113 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL + 2003-04-30 18:52:32 1,581,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL + 2003-01-17 21:03:34 59,466 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT + 2001-06-05 15:13:22 289,926 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT + 2001-06-05 15:13:22 34,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT + 2001-06-05 15:13:24 18,844 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\JFONT.DAT + 2001-06-05 15:13:26 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT + 2005-05-03 23:06:28 465,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL + 2005-05-03 23:06:30 1,411,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL + 2005-05-03 23:06:24 199,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL + 2006-09-26 20:01:30 2,113,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\MSOLAP80.DLL + 2001-10-23 07:13:42 53,260 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT + 2001-06-05 15:13:26 40,972 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT - 2008-06-11 15:06:39 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2008-06-25 09:51:00 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe - 2008-06-11 15:06:39 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2008-06-25 09:51:00 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2008-06-11 15:06:38 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe + 2008-06-25 09:50:59 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe - 2008-06-11 15:06:39 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2008-06-25 09:51:00 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2008-06-11 15:06:39 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2008-06-25 09:51:00 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2008-06-11 15:06:39 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2008-06-25 09:51:00 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2008-06-11 15:06:39 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2008-06-25 09:51:00 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2008-06-11 15:06:39 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2008-06-25 09:51:00 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2008-06-11 15:06:38 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2008-06-25 09:51:00 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2008-06-11 15:06:39 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2008-06-25 09:51:00 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2008-06-11 15:06:38 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2008-06-25 09:50:59 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2008-06-11 15:06:38 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2008-06-25 09:50:59 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2006-10-26 13:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL + 2007-06-06 08:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL - 2003-06-19 00:31:48 17,920 ----a-w C:\WINDOWS\system32\mdimon.dll + 2007-04-09 11:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll - 2003-06-19 00:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll + 2007-04-09 11:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll - 2003-06-19 00:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll + 2007-04-09 11:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll - 2003-06-19 00:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll + 2007-04-09 11:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll - 2003-06-19 00:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll + 2007-04-09 11:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll - 2003-06-19 00:31:48 18,944 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll + 2007-04-09 11:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll + 2005-12-16 04:06:46 172,099 ----a-w C:\WINDOWS\TEMP\ZF1DF2.EXE . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ={750fdf0e-2a26-11d1-a3ea-080036587f03} ={4E77131D-3629-431c-9818-C5679DC83E81} ={99FD978C-D287-4F50-827F-B2C658EDA8E7} ={AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} ={920E6DB1-9907-4370-B3A0-BAFC03D81399} ={16F3DD56-1AF5-4347-846D-7C10C4192619} ={2916C86E-86A6-43FE-8112-43ABE6BF8DCC} ={b32a6748-f273-4546-b60a-3c5adc239de5} ={36A21736-36C2-4C11-8ACB-D4136F2B57BD} ={EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} ={666C7833-A9B6-4AB4-94ED-DC238C81E925} ={1F038B9D-83F5-4b28-BA76-8654EC297DD6} ={A825576B-0042-4F0F-8FB0-93CE0F054E69} "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2007-01-09 15:23 191552] "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 17:08 65536] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 10:42 202088] "WellPhone XT Sagem"="C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe" [2008-04-09 14:27 1888920] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 08:30 68856] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16:21 16384000 C:\WINDOWS\RTHDCPL.exe] "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2007-07-06 07:49 651264] "HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 14:45 28672] "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2006-05-25 12:17 65536] "TPSMain"="TPSMain.exe" [2005-08-12 12:14 266240 C:\WINDOWS\system32\TPSMain.exe] "TDispVol"="TDispVol.exe" [2005-12-27 14:06 73728 C:\WINDOWS\system32\TDispVol.exe] "Zooming"="ZoomingHook.exe" [2005-06-06 10:58 24576 C:\WINDOWS\system32\ZoomingHook.exe] "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2007-05-11 12:59 143360] "NDSTray.exe"="NDSTray.exe" [] "DDWMon"="C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2007-04-26 12:49 495616] "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 10:24 581632] "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2007-06-01 06:40 53248] "SetAudioDevice"="c:\windows\oemdrv\swhelper\XP_SetAnalogToDefault.exe" [2007-09-10 18:17 200704] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-23 23:40 196608] "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-05-22 11:50 413696] "OfficeScanNT Monitor"="C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" [2005-12-16 06:09 372813] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-26 15:59 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "TCtryIOHook"="TCtrlIOHook.exe" [2007-06-30 09:18 28672 C:\WINDOWS\system32\TCtrlIOHook.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2002-02-15 11:51 24638 C:\WINDOWS\system32\PCANotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\winaw32.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "33162:TCP"= 33162:TCP:TCPEMULE "50813:UDP"= 50813:UDP:UDPEMULE R2 SmartcomSCPService;SmartcomSCPService;C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe [2008-04-09 14:27] R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2007-03-26 13:22] R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;C:\WINDOWS\system32\DRIVERS\trudf.sys [2007-02-19 13:15] S3 TpChoice;Touch Pad Detection Filter driver;C:\WINDOWS\system32\DRIVERS\TpChoice.sys [] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f939d10-0074-11dd-9f0e-000b0d82196c}] \Shell\AutoRun\command - E:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-06-13 13:52:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-25 12:05:53 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\NTRtScan.exe C:\Program Files\Trend Micro\Client Server Security Agent\TmListen.exe C:\WINDOWS\system32\TODDSrv.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINDOWS\TEMP\ZF1DF2.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\Apoint2K\ApntEx.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\iPod\bin\iPodService.exe . ************************************************************************** . Temps d'accomplissement: 2008-06-25 12:08:38 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-25 10:08:34 ComboFix2.txt 2008-06-25 08:31:24 Pre-Run: 140,357,255,168 octets libres Post-Run: 140,364,460,032 octets libres 410 --- E O F --- 2008-06-25 09:51:38

Bonjour, Avec un peu de retard, voici le rapport de combofix: ComboFix 08-06-20.4 - nicolas 2008-06-25 10:24:09.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1239 [GMT 2:00] Endroit: C:\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\cookies.ini C:\WINDOWS\system32\bggidhvw.ini C:\WINDOWS\system32\dghhekck.ini C:\WINDOWS\system32\dpysxjiy.dll C:\WINDOWS\system32\edwvduwv.ini C:\WINDOWS\system32\geBsSmJd.dll C:\WINDOWS\system32\gpwsfglk.ini C:\WINDOWS\system32\khfCtsRl.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\NoVwHRqr.ini C:\WINDOWS\system32\NoVwHRqr.ini2 C:\WINDOWS\system32\OpYJmUtv.ini C:\WINDOWS\system32\OpYJmUtv.ini2 C:\WINDOWS\system32\qoMeDWon.dll C:\WINDOWS\system32\RsCeKnmp.ini C:\WINDOWS\system32\RsCeKnmp.ini2 C:\WINDOWS\system32\sjfdomwk.ini C:\WINDOWS\system32\uDdgNXyb.ini C:\WINDOWS\system32\uDdgNXyb.ini2 C:\WINDOWS\system32\vjscbrop.ini C:\WINDOWS\system32\vtUmJYpO.dll C:\WINDOWS\system32\weoebeii.ini C:\WINDOWS\system32\yijxsypd.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-25 to 2008-06-25 )))))))))))))))))))))))))))))))))))) . 2008-06-25 10:28 . 2008-06-25 10:28 294 ---hs---- C:\WINDOWS\system32\vjscbrop.ini 2008-06-25 09:51 . 2008-06-25 09:45 2,037,114 --a------ C:\ComboFix.exe 2008-06-25 08:59 . 2008-06-25 08:59 92,032 --a------ C:\WINDOWS\system32\porbcsjv.dll 2008-06-23 17:16 . 2008-05-14 13:55 812,344 --a------ C:\HJTInstall.exe 2008-06-23 17:08 . 2008-05-15 21:21 570,657 --a------ C:\Navilog1.exe 2008-06-23 10:32 . 2008-06-23 17:14 <REP> d-------- C:\Program Files\Navilog1 2008-06-21 23:05 . 2008-06-23 07:56 544 --a------ C:\WINDOWS\wininit.ini 2008-06-21 22:35 . 2008-06-21 22:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-06-21 22:35 . 2008-06-21 23:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-16 07:11 . 2008-06-16 07:11 <REP> d-------- C:\Program Files\LogicFunctions 2008-06-10 21:54 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-10 21:54 . 2008-04-14 17:52 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-10 21:54 . 2008-05-08 14:28 202,752 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-06-04 22:56 . 2008-06-04 22:56 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Apple Computer 2008-06-04 22:55 . 2008-06-04 22:56 <REP> d-------- C:\Program Files\iTunes 2008-06-04 22:55 . 2008-06-04 22:55 <REP> d-------- C:\Program Files\iPod 2008-06-04 22:55 . 2008-06-04 22:55 <REP> d-------- C:\Program Files\Fichiers communs\Apple 2008-06-04 22:50 . 2008-06-04 22:50 <REP> d-------- C:\Program Files\Apple Software Update 2008-06-04 22:50 . 2008-06-04 22:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2008-06-02 18:18 . 2008-06-02 18:18 1,507 --a------ C:\WINDOWS\system32\Adiboud'chou.lnk 2008-06-02 18:17 . 2008-06-02 18:17 <REP> d-------- C:\coktel 2008-05-26 16:03 . 2008-06-25 10:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-05-26 16:03 . 2008-06-04 22:56 1,409 --a------ C:\WINDOWS\QTFont.for 2008-05-26 16:02 . 2008-05-26 16:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-26 15:59 . 2008-05-26 16:03 <REP> d-------- C:\Program Files\QuickTime 2008-05-26 15:45 . 2008-05-26 15:45 <REP> d-------- C:\Program Files\iWizz 2008-05-26 15:45 . 2008-05-31 15:37 <REP> d-------- C:\Documents and Settings\nicolas\iWizz 2008-05-26 15:45 . 2008-05-26 15:45 <REP> d-------- C:\Documents and Settings\nicolas\.bitrock . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-25 07:59 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Skype 2008-06-25 07:16 --------- d-----w C:\Documents and Settings\nicolas\Application Data\skypePM 2008-06-25 07:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-06-23 15:16 --------- d-----w C:\Program Files\Trend Micro 2008-05-19 20:08 --------- d-----w C:\Documents and Settings\nicolas\Application Data\InterVideo 2008-05-18 18:44 --------- d-----w C:\Program Files\Google 2008-05-17 19:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-04-29 07:27 --------- d-----w C:\Program Files\SmartCom 2008-04-29 07:27 --------- d-----w C:\Program Files\Fichiers communs\SmartCom 2008-04-26 17:32 --------- d-----w C:\Program Files\VirginMega 2008-04-26 17:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-04-02 08:48 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2006-12-12 10:13 32,768 ----a-w C:\Documents and Settings\All Users\Application Data\EBLib.dll 2006-07-28 15:25 19,456 ----a-w C:\Documents and Settings\All Users\Application Data\LPCFilter.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D6931F4-6F48-424C-AD55-3D3AA5EA2BF8}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B5283D6-D1D7-4E2C-AB8F-5F4EA100B3A4}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C8CD028-388B-4D29-95D7-F009A1E528C3}] C:\WINDOWS\system32\byXNgdDu.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40C03EF5-7404-4C79-ABC9-EFF154970A51}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{507E876F-B290-4448-8E9F-A6EDC3B6D58E}] C:\WINDOWS\system32\rqRHwVoN.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84327C78-174F-4AF7-A6F0-B1B64E54EEB9}] C:\WINDOWS\system32\pmnKeCsR.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CADCDC1E-7960-4EB0-8A52-BD5416B17CA6}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2007-01-09 15:23 191552] "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 17:08 65536] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 10:42 202088] "WellPhone XT Sagem"="C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe" [2008-04-09 14:27 1888920] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 08:30 68856] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16:21 16384000 C:\WINDOWS\RTHDCPL.exe] "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2007-07-06 07:49 651264] "HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 14:45 28672] "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2006-05-25 12:17 65536] "TPSMain"="TPSMain.exe" [2005-08-12 12:14 266240 C:\WINDOWS\system32\TPSMain.exe] "TDispVol"="TDispVol.exe" [2005-12-27 14:06 73728 C:\WINDOWS\system32\TDispVol.exe] "Zooming"="ZoomingHook.exe" [2005-06-06 10:58 24576 C:\WINDOWS\system32\ZoomingHook.exe] "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2007-05-11 12:59 143360] "NDSTray.exe"="NDSTray.exe" [] "DDWMon"="C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2007-04-26 12:49 495616] "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 10:24 581632] "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2007-06-01 06:40 53248] "SetAudioDevice"="c:\windows\oemdrv\swhelper\XP_SetAnalogToDefault.exe" [2007-09-10 18:17 200704] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-23 23:40 196608] "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-05-22 11:50 413696] "OfficeScanNT Monitor"="C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" [2005-12-16 06:09 372813] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-26 15:59 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "TFncKy"="TFncKy.exe" [] "TCtryIOHook"="TCtrlIOHook.exe" [2007-06-30 09:18 28672 C:\WINDOWS\system32\TCtrlIOHook.exe] "b893de0a"="C:\WINDOWS\system32\porbcsjv.dll" [2008-06-25 08:59 92032] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBsSmJd] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2002-02-15 11:51 24638 C:\WINDOWS\system32\PCANotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\winaw32.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"= "C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "33162:TCP"= 33162:TCP:TCPEMULE "50813:UDP"= 50813:UDP:UDPEMULE R2 SmartcomSCPService;SmartcomSCPService;C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe [2008-04-09 14:27] R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2007-03-26 13:22] R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;C:\WINDOWS\system32\DRIVERS\trudf.sys [2007-02-19 13:15] S3 TpChoice;Touch Pad Detection Filter driver;C:\WINDOWS\system32\DRIVERS\TpChoice.sys [] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f939d10-0074-11dd-9f0e-000b0d82196c}] \Shell\AutoRun\command - E:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-06-13 13:52:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-25 10:28:24 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... C:\WINDOWS\system32\vjscbrop.ini 294 bytes Scan termin‚ avec succŠs Les fichiers cach‚s: 1 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\NTRtScan.exe C:\Program Files\Trend Micro\Client Server Security Agent\TmListen.exe C:\WINDOWS\system32\TODDSrv.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINDOWS\Temp\AT5C10.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\Apoint2K\ApntEx.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\iPod\bin\iPodService.exe . ************************************************************************** . Temps d'accomplissement: 2008-06-25 10:31:23 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-25 08:31:20 Pre-Run: 140,970,438,656 octets libres Post-Run: 140,922,863,616 octets libres 219 --- E O F --- 2008-06-11 15:08:03

Bonjour, Je vous poste un rapport d'HijackThis car depuis quelques temps j'ai des pop-up et le pc est très ralenti. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:16:38, on 23/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\TODDSrv.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe C:\WINDOWS\TEMP\XTF027.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\system32\TPSMain.exe C:\WINDOWS\system32\TDispVol.exe C:\WINDOWS\system32\ZoomingHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://172.16.1.5/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: LogicFunctions module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - (no file) O2 - BHO: (no name) - {1D6931F4-6F48-424C-AD55-3D3AA5EA2BF8} - C:\WINDOWS\system32\geBsSmJd.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {3C8CD028-388B-4D29-95D7-F009A1E528C3} - C:\WINDOWS\system32\byXNgdDu.dll (file missing) O2 - BHO: (no name) - {507E876F-B290-4448-8E9F-A6EDC3B6D58E} - C:\WINDOWS\system32\rqRHwVoN.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {84327C78-174F-4AF7-A6F0-B1B64E54EEB9} - C:\WINDOWS\system32\pmnKeCsR.dll (file missing) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TDispVol] TDispVol.exe O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [setAudioDevice] "c:\windows\oemdrv\swhelper\XP_SetAnalogToDefault.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [b893de0a] rundll32.exe "C:\WINDOWS\system32\kckehhgd.dll",b O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\RunOnce: [spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [spybotDeletingA357] command /c del "C:\WINDOWS\system32\byXNgdDu.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingC3486] cmd /c del "C:\WINDOWS\system32\byXNgdDu.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingA5109] command /c del "C:\WINDOWS\system32\rqRHwVoN.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingC6404] cmd /c del "C:\WINDOWS\system32\rqRHwVoN.dll_old" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [WellPhone XT Sagem] "C:\Program Files\SmartCom\WellPhone XT Sagem\WellPhone2.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - https://projets.oleane.com/qp2.cab O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - http://www.fruits-et-legumes.net/download/CfxIEAx.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1204783174282 O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = NICOLAS.siege O17 - HKLM\Software\..\Telephony: DomainName = NICOLAS.siege O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = NICOLAS.siege O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: geBsSmJd - C:\WINDOWS\SYSTEM32\geBsSmJd.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Scan en temps réel Trend Micro Client/Server Security Agent (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe O23 - Service: Pare-feu personnel Trend Micro Client/Server Security Agent (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe O23 - Service: SmartcomSCPService - Smartcom - C:\Program Files\Fichiers communs\SmartCom\Services\SmartcomSCPService.exe O23 - Service: Trend Micro Client-Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 14413 bytes

Bonjour, Comme indiqué dans le sujet, je voudrais imprimer mon mail reçu sous Outlook 2003 avec la liste de mes pièces jointes. Avez-vous une idée ? - Merci

Bonjour, Je trouve qu'après toutes ces manips, j'ai retrouvé une certaine réactivité de mon portable. Je te remercie pour ton aide et te dis à bientot sur le forum

Bonjour, Voici le rapport Navilog1 : Clean Navipromo version 3.5.8 commencé le 17/06/2008 à 16:41:03,48 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "CHRISTIAN" Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : FAT32 Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** Creation backups fichiers trouvés par Catchme *** Copie vers "C:\Program Files\navilog1\Backupnavi" *** Suppression des fichiers trouvés avec Catchme *** ** 2ème passage avec résultats Catchme ** * Dans "C:\WINDOWS\system32" * ukyukoy.exe trouvé ! Copie ukyukoy.exe réalisée avec succès ! ukyukoy.exe supprimé ! ukyukoy.dat trouvé ! Copie ukyukoy.dat réalisée avec succès ! ukyukoy.dat supprimé ! ukyukoy_nav.dat trouvé ! Copie ukyukoy_nav.dat réalisée avec succès ! ukyukoy_nav.dat supprimé ! ukyukoy_navps.dat trouvé ! Copie ukyukoy_navps.dat réalisée avec succès ! ukyukoy_navps.dat supprimé ! * Dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" * *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CHRISTIAN\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~2\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CHRISTIAN\menud+~1\progra~1" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\CHRISTIAN\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 17/06/2008 à 16:45:24,81 *** et le nouveau rapport dss****************************************** Deckard's System Scanner v20071014.68 Run by CHRISTIAN on 2008-06-17 16:58:29 Computer is in Normal Mode. -------------------------------------------------------------------------------- Total Physical Memory: 511 MiB (512 MiB recommended). -- HijackThis (run as CHRISTIAN.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:58:34, on 17/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\NOTEPAD.EXE C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\utilitaire\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\CHRIST~1.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Synchronisation Companion.lnk = ? O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = ? O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD42/JSCDL/jr...ows-i586-jc.cab O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8465 bytes -- Files created between 2008-05-17 and 2008-06-17 ----------------------------- 2008-06-16 14:47:09 0 d-------- C:\WINDOWS\Sun 2008-06-16 14:47:09 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Sun 2008-06-16 14:45:02 0 d-------- C:\Program Files\Sun 2008-06-16 14:44:10 0 d-------- C:\Program Files\Java 2008-06-16 14:43:03 0 d-------- C:\Program Files\Fichiers communs\Java 2008-06-16 14:34:48 0 d-------- C:\Program Files\Navilog1 2008-06-08 20:39:17 0 d-------- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP 2008-06-08 20:11:40 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Malwarebytes 2008-06-08 20:11:27 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-08 20:11:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-05 21:48:15 0 d-------- C:\Program Files\Trend Micro 2008-06-05 21:28:29 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Lavasoft 2008-06-05 21:28:18 0 d-------- C:\Program Files\Lavasoft 2008-06-05 20:53:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-05 20:52:00 0 d-------- C:\utilitaire 2008-06-03 13:46:58 0 d--hs---- C:\FOUND.028 -- Find3M Report --------------------------------------------------------------- Nothing modified in this timespan. -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [13/07/2004 14:48] "MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [20/05/2002 19:51] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [12/03/2007 10:22] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 05:00] "Iomega Automatic Backup"="C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe" [] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:55] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29/06/2007 01:28] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [09/08/2005 12:01:38] Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [09/08/2005 12:01:43] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26] D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12/05/2005 00:49:24] Synchronisation Companion.lnk - C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe [14/10/2006 13:16:29] Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe [18/09/2002 15:16:30] Logiciel Kodak EasyShare.lnk - C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [14/06/2006 23:11:40] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab4208b6-9248-11db-830a-000ae4a618b7}] AutoRun\command- F:\AutoRun\Demo32.exe -- End of Deckard's System Scanner: finished at 2008-06-17 16:58:55 ------------ Pensez-vous que tout est propre ? Merci

Bonjour, Voici le rapport Navilog: Search Navipromo version 3.5.8 commencé le 16/06/2008 à 14:36:19,29 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "CHRISTIAN" Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : FAT32 Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\menudÉ~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CHRISTIAN\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~2\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CHRISTIAN\menud+~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\WINDOWS\system32\ukyukoy.exe 327680 bytes C:\WINDOWS\system32\ukyukoy.dat 16384 bytes C:\WINDOWS\system32\ukyukoy_nav.dat 442368 bytes C:\WINDOWS\system32\ukyukoy_navps.dat 16384 bytes *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * Fichiers trouvés : ukyukoy.exe trouvé ! * Recherche dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : ukyukoy.dat trouvé ! * Dans "C:\Documents and Settings\CHRISTIAN\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 16/06/2008 à 14:37:58,73 *** ******************************************************************************** *************** Maintenant, le rapport de Kaspersky: KASPERSKY ONLINE SCANNER 7 REPORT Monday, June 16, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Monday, June 16, 2008 12:08:05 Records in database: 872350 Scan settings Scan using the following database extended Scan archives yes Scan mail databases yes Scan area My Computer C:\ D:\ E:\ Scan statistics Files scanned 96406 Threat name 9 Infected objects 13 Suspicious objects 0 Duration of the scan 01:28:22 File name Threat name Threats count C:\WINDOWS\ifepkfab.dll Infected: Trojan.Win32.Obfuscated.gx 1 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Télécharger des logiciels.exe Infected: Backdoor.Win32.Hupigon.bnca 1 C:\Documents and Settings\CHRISTIAN\Bureau\Télécharger des logiciels.exe Infected: Backdoor.Win32.Hupigon.bnca 1 C:\Program Files\Navilog1\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1 C:\System Volume Information\_restore{A65CAB81-8F87-4280-8ABC-C81056D754CC}\RP473\A0140743.exe Infected: not-a-virus:Downloader.Win32.Agent.ad 1 C:\System Volume Information\_restore{A65CAB81-8F87-4280-8ABC-C81056D754CC}\RP475\A0140827.SYS Infected: Rootkit.Win32.Agent.xs 1 C:\System Volume Information\_restore{A65CAB81-8F87-4280-8ABC-C81056D754CC}\RP477\A0140878.exe Infected: Trojan.Win32.Inject.yf 1 C:\System Volume Information\_restore{A65CAB81-8F87-4280-8ABC-C81056D754CC}\RP480\A0142967.exe Infected: not-a-virus:Porn-Dialer.Win32.Glodial 1 C:\System Volume Information\_restore{A65CAB81-8F87-4280-8ABC-C81056D754CC}\RP490\A0146217.exe Infected: Trojan.Win32.Obfuscated.aqn 1 C:\Deckard\System Scanner\backup\WINDOWS\temp\79B69014.exe Infected: Trojan.Win32.Agent.eeu 1 C:\utilitaire\Navilog1.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1 D:\Documents and Settings\CHRISTIAN\Bureau\Télécharger des logiciels.exe Infected: Backdoor.Win32.Hupigon.bnca 1 D:\Révisions\Documents and Settings\CHRISTIAN\Bureau\Télécharger des logiciels.(1).exe Infected: Backdoor.Win32.Hupigon.bnca 1 The selected area was scanned. et enfin le rapport de dss: Deckard's System Scanner v20071014.68 Run by CHRISTIAN on 2008-06-16 16:38:21 Computer is in Normal Mode. -------------------------------------------------------------------------------- Total Physical Memory: 511 MiB (512 MiB recommended). -- HijackThis (run as CHRISTIAN.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38:35, on 16/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\utilitaire\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\CHRIST~1.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [ukyukoy] c:\windows\system32\ukyukoy.exe ukyukoy O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Synchronisation Companion.lnk = ? O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = ? O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD42/JSCDL/jr...ows-i586-jc.cab O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8426 bytes -- Files created between 2008-05-16 and 2008-06-16 ----------------------------- 2008-06-16 14:47:09 0 d-------- C:\WINDOWS\Sun 2008-06-16 14:47:09 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Sun 2008-06-16 14:45:02 0 d-------- C:\Program Files\Sun 2008-06-16 14:44:10 0 d-------- C:\Program Files\Java 2008-06-16 14:43:03 0 d-------- C:\Program Files\Fichiers communs\Java 2008-06-16 14:34:48 0 d-------- C:\Program Files\Navilog1 2008-06-08 20:39:17 0 d-------- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP 2008-06-08 20:11:40 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Malwarebytes 2008-06-08 20:11:27 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-08 20:11:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-05 21:48:15 0 d-------- C:\Program Files\Trend Micro 2008-06-05 21:28:29 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Lavasoft 2008-06-05 21:28:18 0 d-------- C:\Program Files\Lavasoft 2008-06-05 20:53:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-05 20:52:00 0 d-------- C:\utilitaire 2008-06-03 13:46:58 0 d--hs---- C:\FOUND.028 -- Find3M Report --------------------------------------------------------------- Nothing modified in this timespan. -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [13/07/2004 14:48] "MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [20/05/2002 19:51] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [12/03/2007 10:22] "ukyukoy"="c:\windows\system32\ukyukoy.exe" [16/06/2008 14:03] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 05:00] "Iomega Automatic Backup"="C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe" [] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:55] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29/06/2007 01:28] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [09/08/2005 12:01:38] Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [09/08/2005 12:01:43] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26] D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12/05/2005 00:49:24] Synchronisation Companion.lnk - C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe [14/10/2006 13:16:29] Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe [18/09/2002 15:16:30] Logiciel Kodak EasyShare.lnk - C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [14/06/2006 23:11:40] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab4208b6-9248-11db-830a-000ae4a618b7}] AutoRun\command- F:\AutoRun\Demo32.exe -- End of Deckard's System Scanner: finished at 2008-06-16 16:39:00 ------------ Voila , bonne analyse !!

Bonjour, Avec un peu de retard, je vous poste les rapports demandés (pour cause de vacances): ************** le rapport de Malwarebytes' Anti-Malware : ************** Malwarebytes' Anti-Malware 1.12 Version de la base de données: 722 Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 129885 Temps écoulé: 27 minute(s), 36 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) ******************************************************************************** *************************************** et les rapports de dss ******************************************************************************** *************************************** Deckard's System Scanner v20071014.68 Run by CHRISTIAN on 2008-06-14 16:26:29 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 51: 2008-06-14 14:26:34 UTC - RP499 - Deckard's System Scanner Restore Point 50: 2008-06-14 13:50:46 UTC - RP498 - Point de vérification système 49: 2008-06-05 19:27:38 UTC - RP497 - Spybot-S&D Spyware removal 48: 2008-06-05 19:13:51 UTC - RP496 - Point de vérification système 47: 2008-05-27 18:36:40 UTC - RP495 - Software Distribution Service 3.0 -- First Restore Point -- 1: 2008-03-25 18:29:43 UTC - RP449 - Point de vérification système Backed up registry hives. Performed disk cleanup. Total Physical Memory: 511 MiB (512 MiB recommended). -- HijackThis (run as CHRISTIAN.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:28:48, on 14/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Shareaza\Shareaza.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\utilitaire\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\CHRISTIAN.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [ewfxsscba] c:\windows\system32\ewfxsscba.exe ewfxsscba O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Synchronisation Companion.lnk = ? O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = ? O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O21 - SSODL: rdihost - {68CF5788-F127-4DE4-A958-3760E7BDDBCE} - rdihost.dll (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 7863 bytes -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) ----------- backup-20080608-200858-151 O2 - BHO: (no name) - {FC7FF7DC-C5F6-D3CA-D1F2-CD9E1FC437EB} - C:\WINDOWS\system32\wininet2_.dll -- File Associations ----------------------------------------------------------- .reg - regfile - shell\open\command - regedit.exe "%1" %* .scr - scrfile - shell\open\command - "%1" %* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Microsoft® Windows NT® Operating System> R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7> R1 Hotkey - c:\windows\system32\drivers\hotkey.sys R1 StarOpen - c:\windows\system32\drivers\staropen.sys R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; > R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell> S1 Wbutton - c:\windows\system32\drivers\wbutton.sys (file missing) S2 osaio - c:\windows\system32\drivers\osaio.sys (file missing) S2 osanbm - c:\windows\system32\drivers\osanbm.sys (file missing) S3 EraserUtilDrvI4 - c:\program files\fichiers communs\symantec shared\eengine\eraserutildrvi4.sys (file missing) S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing) S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing) S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> S3 POWERKEY - c:\program files\launch manager\powerkey.sys S3 SymIM (Symantec Network Security Intermediate Filter Service) - c:\windows\system32\drivers\symim.sys (file missing) S3 SymIMMP - c:\windows\system32\drivers\symim.sys (file missing) S3 VIAudio (Vinyl AC'97 Audio Controller (WDM)) - c:\windows\system32\drivers\viaudios.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services> S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) - "c:\program files\fichiers communs\symantec shared\ccsvchst.exe" /h cccommon (file missing) S4 Iomega Activity Disk2 - "" -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Contrôleur Ethernet Device ID: PCI\VEN_17FE&DEV_2220&SUBSYS_03051468&REV_00\3&61AAA01&0&50 Manufacturer: Name: Contrôleur Ethernet PNP Device ID: PCI\VEN_17FE&DEV_2220&SUBSYS_03051468&REV_00\3&61AAA01&0&50 Service: -- Scheduled Tasks ------------------------------------------------------------- 2008-06-14 15:51:02 364 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job -- Files created between 2008-05-14 and 2008-06-14 ----------------------------- 2008-06-08 20:39:17 0 d-------- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP 2008-06-08 20:11:40 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Malwarebytes 2008-06-08 20:11:27 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-08 20:11:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-05 21:48:15 0 d-------- C:\Program Files\Trend Micro 2008-06-05 21:28:29 0 d-------- C:\Documents and Settings\CHRISTIAN\Application Data\Lavasoft 2008-06-05 21:28:18 0 d-------- C:\Program Files\Lavasoft 2008-06-05 20:53:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-05 20:52:00 0 d-------- C:\utilitaire 2008-06-03 13:46:58 0 d--hs---- C:\FOUND.028 -- Find3M Report --------------------------------------------------------------- Nothing modified in this timespan. -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EoEngine"="" [] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [13/07/2004 14:48] "MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [20/05/2002 19:51] "ewfxsscba"="c:\windows\system32\ewfxsscba.exe" [31/05/2008 13:28] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [12/03/2007 10:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 05:00] "Iomega Automatic Backup"="C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe" [12/06/2003 18:46] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:55] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29/06/2007 01:28] "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [05/02/2007 04:05] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [09/08/2005 12:01:38] Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [09/08/2005 12:01:43] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26] D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12/05/2005 00:49:24] Synchronisation Companion.lnk - C:\Program Files\Orange\Synchronisation Companion\Voxsync.exe [14/10/2006 13:16:29] Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Fichiers communs\Sonic Shared\cinetray.exe [18/09/2002 15:16:30] Logiciel Kodak EasyShare.lnk - C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [14/06/2006 23:11:40] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "rdihost"= {68CF5788-F127-4DE4-A958-3760E7BDDBCE} - rdihost.dll [ ] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Reserved] @="Driver Group" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab4208b6-9248-11db-830a-000ae4a618b7}] AutoRun\command- F:\AutoRun\Demo32.exe -- End of Deckard's System Scanner: finished at 2008-06-14 16:29:24 ------------ ******************************************************************************** ********************************* Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Édition familiale (build 2600) SP 2.0 Architecture: X86; Language: French CPU 0: Mobile AMD Sempron Processor 3000+ Percentage of Memory in Use: 60% Physical Memory (total/avail): 510.98 MiB / 203.71 MiB Pagefile Memory (total/avail): 1244.74 MiB / 903.18 MiB Virtual Memory (total/avail): 2047.88 MiB / 1936.09 MiB C: is Fixed (FAT32) - 26.77 GiB total, 5.46 GiB free. D: is Fixed (FAT32) - 26.94 GiB total, 21.44 GiB free. E: is CDROM (No Media) F: is Removable (FAT) \\.\PHYSICALDRIVE0 - IC25N060ATMR04-0 - 55.89 GiB - 3 partitions \PARTITION0 - Unknown - 2.15 GiB \PARTITION1 (bootable) - Unknown - 26.78 GiB - C: \PARTITION2 - Étendu avec Inter. 13 étendue - 26.96 GiB - D: \\.\PHYSICALDRIVE1 - Kingston DataTraveler 2.0 USB Device - 1913.99 MiB - 1 partition \PARTITION0 - MS-DOS V4 Huge - 1917.88 MiB - F: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\HPQTRA08.EXE"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\HPQTRA08.EXE:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe:*:Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\\Program Files\\Orange Link\\Application\\eConfv4\\OLINKP.EXE"="C:\\Program Files\\Orange Link\\Application\\eConfv4\\OLINKP.EXE:*:Enabled:Orange Link Player" "C:\\Program Files\\Orange Link\\Application\\Exe\\Orange Link.exe"="C:\\Program Files\\Orange Link\\Application\\Exe\\Orange Link.exe:*:Disabled:Orange Link" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza" "C:\\DOCUME~1\\CHRIST~1\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\CHRIST~1\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Player2" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\CHRISTIAN\Application Data CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=ACER-1916361FFD ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\CHRISTIAN LOGONSERVER=\\ACER-1916361FFD NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sonic\MyDVD;;C:\Program Files\Sonic\MyDVD;C:\Program Files\Support Tools\;C:\Program Files\Samsung\Samsung PC Studio 3\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 28 Stepping 0, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=1c00 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp TMP=C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp USERDOMAIN=ACER-1916361FFD USERNAME=CHRISTIAN USERPROFILE=C:\Documents and Settings\CHRISTIAN windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- CHRISTIAN (admin) Administrateur (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu" --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf --> VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer' Ad-Aware SE Personal --> C:\PROGRA~1\LAVASOFT\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\INSTALL.LOG Adobe Acrobat 4.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll" Adobe ActiveShare 1.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3C7CA81-27EB-11D4-A59C-00E02C071F5C}\setup.exe" UNINSTALL Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Agere Systems AC'97 Modem --> agrsmdel CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Correctif Windows XP - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB887742 --> C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Correctif Windows XP - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Correctif Windows XP - KB893086 --> "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe" DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34} ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} essvcpt --> MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF} GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5} Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar5.dll" HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21} Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Extended Capabilities 5.3 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Image Zone 5.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP PSC & OfficeJet 5.3.A --> "C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat Indeo® Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" Iomega Automatic Backup --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{42ABF3F2-2C5E-43FA-BBFF-58E4295F23CA} Iomega HotBurn Pro --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CCB1507A-AAEA-4778-AC4B-DD5EAB1A961E}\Setup.exe" -l0x40c UNINSTALL kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE} KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Launch Manager V1.0.7.6 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\setup.exe" -l0x40c LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate" LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206} LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} Logiciel Kodak EasyShare --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0010_472e59\Setup.exe /APR-REMOVE Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Messager Wanadoo --> C:\PROGRA~1\MESSAG~1\Uninstall.exe Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works 7.0 --> MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72} Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893066) --> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB932823-v3) --> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe" MUSICMATCH Jukebox --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} NTI Backup NOW! 3 --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} /l1036 BUNText NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe" Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" Picture Package --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL PowerDVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log SAMSUNG CDMA Modem Driver Set --> C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile Composite Device Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe Samsung Mobile phone USB driver Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} Shareaza version 2.2.5.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe" SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE} SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} Sonic CinePlayer --> MsiExec.exe /X{26792CA7-D87A-4DBE-896B-C2F66B344511} SpeedTouch USB Software --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l040c -Control_Panel Spybot - Search & Destroy 1.3 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Synchronisation Companion --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2EBC2F1-B766-4AE3-A10C-6EBBC1EE3B02}\Setup.exe" -l0x40c UNINSTALL VIA Rhine Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex Rhine VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Wanadoo --> C:\PROGRA~1\WANADOO\Shell.exe desinstall.shl Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D} Windows Live Toolbar --> C:\Program Files\Windows Live Toolbar\UnInstall.exe {DE56FE92-9AD5-4DCB-9111-DDDF73EA5E5E} Windows Live Toolbar --> MsiExec.exe /X{DE56FE92-9AD5-4DCB-9111-DDDF73EA5E5E} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Support Tools --> MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA} WinPerformance --> C:\Program Files\WinPerformance\uninstall.exe WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\YAHOO!\COMMON\unyt.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type31439 / Warning Event Submitted/Written: 06/08/2008 08:36:47 PM Event ID/Source: 101 / Automatic LiveUpdate Scheduler Event Description: Niveau d'information : warning Une session LiveUpdate est déjà en cours. Impossible de lancer LiveUpdate automatique. Event Record #/Type31421 / Warning Event Submitted/Written: 06/08/2008 08:31:45 PM Event ID/Source: 101 / Automatic LiveUpdate Scheduler Event Description: Niveau d'information : warning Une session LiveUpdate est déjà en cours. Impossible de lancer LiveUpdate automatique. Event Record #/Type31415 / Warning Event Submitted/Written: 06/08/2008 08:26:44 PM Event ID/Source: 101 / Automatic LiveUpdate Scheduler Event Description: Niveau d'information : warning Une session LiveUpdate est déjà en cours. Impossible de lancer LiveUpdate automatique. Event Record #/Type31177 / Error Event Submitted/Written: 05/31/2008 01:41:18 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante ccSvcHst.exe, version 107.0.3.7, module défaillant msvcrt.dll, version 7.0.2600.2180, adresse de défaillance 0x00037fd4. Traitement de l'événement propre au support pour [ccSvcHst.exe!ws!] Event Record #/Type31132 / Error Event Submitted/Written: 05/29/2008 08:51:50 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante msnmsgr.exe, version 8.1.178.0, module défaillant ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea. Traitement de l'événement propre au support pour [msnmsgr.exe!ws!] -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type440893 / Error Event Submitted/Written: 06/14/2008 03:19:38 PM Event ID/Source: 16 / Windows Update Agent Event Description: Connexion impossible : Windows ne parvient pas à se connecter au service Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation des mises à jour définies par la planification. Windows continuera d'essayer d'établir la connexion. Event Record #/Type440875 / Error Event Submitted/Written: 06/14/2008 03:18:40 PM Event ID/Source: 7026 / Service Control Manager Event Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : Ttn45 Event Record #/Type440874 / Error Event Submitted/Written: 06/14/2008 03:18:34 PM Event ID/Source: 7000 / Service Control Manager Event Description: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur : %%1053 Event Record #/Type440873 / Error Event Submitted/Written: 06/14/2008 03:18:34 PM Event ID/Source: 7009 / Service Control Manager Event Description: Délai (30000 millisecondes) d'attente pour une connexion du service Planificateur LiveUpdate automatique. Event Record #/Type440872 / Error Event Submitted/Written: 06/14/2008 03:18:34 PM Event ID/Source: 7000 / Service Control Manager Event Description: Le service osanbm n'a pas pu démarrer en raison de l'erreur : %%2 -- End of Deckard's System Scanner: finished at 2008-06-14 16:29:24 ------------ Voilà, j'attends vos commentaires. Encore Merci