Aller au contenu

Vels6

Membres
  • Compteur de contenus

    71
  • Inscription

  • Dernière visite

À propos de Vels6

  • Date de naissance 26/12/1975

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Sexe
    Male
  • Localisation
    Cruseilles
  • Intérêts
    33 ans, passionné d'aviation

Autres informations

  • Mes langues
    Français

Vels6's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. Bonjour, Tout est désinstallé ! Encore merci pour tout ! Je vous souhaite une excellente journée et bonne continuation !
  2. Bonsoir, Avant toutes choses, je tiens à vous remercier de l'accueil que vous m'avez réservé, nous avons pu largement échanger et votre écoute ainsi que votre disponibilité m'ont mis dans le meilleur des contextes pour suivre vos instructions. Oui j'estime que le problème est résolu puisque mon pc refonctionne normalement et que les fenêtres intempestives ont disparues. Que dois je désinstaller à présent ?
  3. Bonsoir, j'ai exécuter la totalité des opérations et répondu oui pour fixboot et fixmbr. * Vous ne pouvez donc pas utiliser les extensions de commande (par exemple Del pour Delete) : "Le paramètre n'est pas valide. Essayez le commutateur /? Pour obtenir de l'aide." * Vous ne pouvez pas parcourir les arborescences de votre disque dur : "Accès refusé". * Vous ne pouvez pas accéder à des lecteurs amovibles comme un lecteur de disquettes. * Vous ne pouvez pas copier des fichiers ou des dossiers. Ces 4 lignes ne sont pas apparues. Bonne soirée.
  4. Bonjour, Voici le rapport manquant ! Merci. ======= RAPPORT D'AD-REMOVER 2.0.0.0,C | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 22/04/10 à 19:00 Contact: [email protected] Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 19:38:15 le 23/04/2010 | Mode normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows XP™ Service Pack 3 - X86 Nom du PC: 8-7B4D6659A3644 Utilisateur actuel: Alexandre (Administrateur) . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . . C:\Documents and Settings\Alexandre\Application Data\Mozilla\FireFox\Profiles\o53l83wk.default\searchplugins\ask.xml C:\Documents and Settings\Alexandre\Local Settings\Application Data\Kiwee Toolbar C:\Documents and Settings\LocalService\Application Data\agi C:\Program Files\Macrogaming C:\Program Files\Mozilla FireFox\Components\AskSearch.js (!) -- Fichiers temporaires supprimés. . HKCU\Software\AppDataLow\AskBarDis HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} HKLM\Software\AskBarDis HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c} HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\MgMediaPlayer.GifAnimator HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1 HKLM\Software\Classes\SWEETIE.IEToolbar HKLM\Software\Classes\SWEETIE.IEToolbar.1 HKLM\Software\Classes\SWEETIE.SWEETIE HKLM\Software\Classes\SWEETIE.SWEETIE.1 HKLM\Software\Classes\ToolBand.SWEETIE HKLM\Software\Classes\ToolBand.SWEETIE.1 HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Macrogaming HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Sweetim HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} . (Orpheline) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID manquant) . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.6.3 (fr) * . C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Alexandre\\Bureau C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.defaultenginename: Ask C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.defaulturl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.selectedEngine: Google C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.startup.homepage: hxxp://www.sfr.fr/ C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3 C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - keyword.URL: hxxp://redirecterror.sfr.fr/?q= C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - privacy.popups.showBrowserMessage, false C:\Documents and Settings\Alexandre\..\o53l83wk.default\user.js - keyword.URL: hxxp://redirecterror.sfr.fr/?q= C:\Documents and Settings\Reetu\..\xgdvhsp3.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Reetu\\Bureau C:\Documents and Settings\Reetu\..\xgdvhsp3.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.7 . EFFACÉ: C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1"); . * Internet Explorer Version 8.0.6001.18702 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ============== SUSPECT(S) ============== . C:\Documents and Settings\Alexandre\Application Data\BitTorrent\Native_Instruments_TRAKTOR_PRO_1.2.3_incl_Patch.torrent . ======================================== . C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp: 0 Fichier(s), 45 Dossier(s) C:\WINDOWS\temp: 5 Fichier(s), 4 Dossier(s) Temporary Internet Files: 2 Fichier(s), 8 Dossier(s) . C:\Ad-Remover\Quarantine: 2 Fichier(s) C:\Ad-Remover\Backup: 14 Fichier(s) . C:\Ad-Report-CLEAN[1].txt - 6497 Octet(s) C:\Ad-Report-SCAN[1].txt - 6361 Octet(s) . Fin à: 19:40:57, 23/04/2010 . ============== E.O.F - CLEAN[1] ==============
  5. Bonjour, Je voulais savoir si le dernier rapport posté était normal ou pas et est ce que je dois desinstaller les logiciels comme combofix par exemple ? Bonne journée.
  6. Bonsoir, Voici le rapport demandé. J'ai aussi tout enlever au démarrage et seul la ligne avast (dans les lignes 04) qui ne 'sen va pas. Merci bonne soirée. . ======= RAPPORT D'AD-REMOVER 2.0.0.0,C | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 22/04/10 à 19:00 Contact: [email protected] Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 19:33:23 le 23/04/2010 | Mode normal | Option: SCAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows XP™ Service Pack 3 - X86 Nom du PC: 8-7B4D6659A3644 Utilisateur actuel: Alexandre (Administrateur) . ============== ÉLÉMENT(S) TROUVÉ(S) ============== . . C:\Documents and Settings\Alexandre\Application Data\Mozilla\FireFox\Profiles\o53l83wk.default\searchplugins\ask.xml C:\Documents and Settings\Alexandre\Local Settings\Application Data\Kiwee Toolbar C:\Documents and Settings\LocalService\Application Data\agi C:\Program Files\Macrogaming C:\Program Files\Mozilla FireFox\Components\AskSearch.js . HKCU\Software\AppDataLow\AskBarDis HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} HKLM\Software\AskBarDis HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c} HKLM\Software\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\MgMediaPlayer.GifAnimator HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1 HKLM\Software\Classes\SWEETIE.IEToolbar HKLM\Software\Classes\SWEETIE.IEToolbar.1 HKLM\Software\Classes\SWEETIE.SWEETIE HKLM\Software\Classes\SWEETIE.SWEETIE.1 HKLM\Software\Classes\ToolBand.SWEETIE HKLM\Software\Classes\ToolBand.SWEETIE.1 HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Macrogaming HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Sweetim HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} . . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.6.3 (fr) * . C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Alexandre\\Bureau C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.defaultenginename: Ask C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.defaulturl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.search.selectedEngine: Google C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.startup.homepage: hxxp://www.sfr.fr/ C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3 C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - keyword.URL: hxxp://redirecterror.sfr.fr/?q= C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - privacy.popups.showBrowserMessage, false C:\Documents and Settings\Alexandre\..\o53l83wk.default\user.js - keyword.URL: hxxp://redirecterror.sfr.fr/?q= C:\Documents and Settings\Reetu\..\xgdvhsp3.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Reetu\\Bureau C:\Documents and Settings\Reetu\..\xgdvhsp3.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.7 . TROUVÉ: C:\Documents and Settings\Alexandre\..\o53l83wk.default\prefs.js - user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1"); . * Internet Explorer Version 8.0.6001.18702 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Show_ToolBar: yes Start Page: hxxp://www.sfr.fr/kit/adsl/ . [HKLM\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ============== SUSPECT(S) ============== . C:\Documents and Settings\Alexandre\Application Data\BitTorrent\Native_Instruments_TRAKTOR_PRO_1.2.3_incl_Patch.torrent . ======================================== . C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp: 5 Fichier(s), 45 Dossier(s) C:\WINDOWS\temp: 9 Fichier(s), 4 Dossier(s) Temporary Internet Files: 17 Fichier(s), 8 Dossier(s) . C:\Ad-Remover\Quarantine: 0 Fichier(s) C:\Ad-Remover\Backup: 1 Fichier(s) . C:\Ad-Report-SCAN[1].txt - 6237 Octet(s) . Fin à: 19:36:42, 23/04/2010 . ============== E.O.F - SCAN[1] ==============
  7. Bonjour, Voici le log de combo fix : ComboFix 10-04-21.01 - Alexandre 23/04/2010 12:23:20.1.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1496 [GMT 2:00] Lancé depuis: c:\documents and settings\Alexandre\Bureau\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\install.exe c:\windows\Ddyhoa.exe c:\windows\Ddyhob.exe c:\windows\eSellerateEngine.dll c:\windows\system32\Process.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SSHNAS ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-23 au 2010-04-23 )))))))))))))))))))))))))))))))))))) . 2010-04-21 19:52 . 2010-04-21 19:52 -------- d-----w- c:\documents and settings\Alexandre\Application Data\Flight One Software 2010-04-21 16:25 . 2007-06-20 18:46 266088 ----a-w- c:\windows\system32\xactengine2_8.dll 2010-04-21 16:25 . 2007-06-20 18:45 18280 ----a-w- c:\windows\system32\x3daudio1_2.dll 2010-04-21 16:25 . 2007-05-16 14:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll 2010-04-21 16:25 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll 2010-04-21 16:25 . 2007-05-16 14:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll 2010-04-21 16:24 . 2010-04-21 16:24 -------- d-----w- c:\documents and settings\Alexandre\Local Settings\Application Data\Microsoft Game Studios 2010-04-21 11:50 . 2010-04-21 11:50 -------- d-----w- c:\program files\Microsoft Games 2010-04-21 11:04 . 2010-04-21 11:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-04-21 11:02 . 2010-04-22 08:47 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-04-21 11:01 . 2010-04-22 08:53 -------- d-----w- c:\documents and settings\Alexandre\Application Data\DAEMON Tools Lite 2010-04-21 11:01 . 2010-04-21 11:02 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2010-04-21 10:42 . 2010-04-21 10:42 -------- d-----w- c:\program files\PowerISO 2010-04-14 17:29 . 2010-04-14 17:31 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe 2010-04-14 17:28 . 2010-04-15 12:09 -------- d-----w- c:\windows\system32\RtlGina 2010-04-13 11:34 . 2010-04-13 11:34 -------- d-----w- c:\program files\iPod 2010-04-13 11:34 . 2010-04-13 11:35 -------- d-----w- c:\program files\iTunes 2010-04-13 11:34 . 2010-04-13 11:35 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-04-13 11:28 . 2010-04-13 11:28 -------- d-----w- c:\program files\Bonjour 2010-03-24 10:52 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-03-24 10:45 . 2010-03-24 10:46 -------- d-----w- c:\program files\Microsoft Security Essentials . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-22 20:20 . 2009-02-12 14:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-22 20:20 . 2010-04-22 20:20 5918775 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-22 16:12 . 2007-08-17 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2010-04-22 14:02 . 2006-03-02 12:00 95304 ----a-w- c:\windows\system32\perfc00C.dat 2010-04-22 14:02 . 2006-03-02 12:00 535882 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-22 13:41 . 2009-01-23 15:37 -------- d-----w- c:\program files\CCleaner 2010-04-22 13:24 . 2009-10-23 11:49 -------- d-----w- c:\documents and settings\Alexandre\Application Data\Skype 2010-04-22 13:23 . 2010-01-05 09:14 -------- d-----w- c:\documents and settings\Alexandre\Application Data\BitTorrent 2010-04-22 11:59 . 2009-02-05 12:25 -------- d-----w- c:\documents and settings\Alexandre\Application Data\skypePM 2010-04-21 18:44 . 2009-01-08 19:14 78920 ----a-w- c:\documents and settings\Alexandre\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-04-21 12:48 . 2007-08-16 15:16 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-04-15 09:55 . 2007-08-16 15:16 -------- d-----w- c:\program files\Realtek 2010-04-14 17:32 . 2009-01-08 10:34 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2010-04-14 17:22 . 2009-01-08 19:25 -------- d-----w- c:\program files\ma-config.com 2010-04-14 17:22 . 2009-01-08 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2010-04-14 16:47 . 2008-08-20 06:47 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-04-14 16:47 . 2008-08-20 06:47 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-04-14 16:35 . 2008-08-20 06:47 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-04-14 16:35 . 2008-08-20 06:47 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-04-14 16:31 . 2008-08-20 06:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-04-14 16:31 . 2008-08-20 06:47 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-04-14 16:31 . 2008-08-20 06:47 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-04-14 16:31 . 2008-08-20 06:47 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-04-14 16:30 . 2008-08-20 06:47 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-04-14 10:37 . 2009-01-16 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-13 11:34 . 2009-01-18 15:15 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-04-13 11:31 . 2009-01-18 15:16 -------- d-----w- c:\program files\QuickTime 2010-04-13 11:21 . 2010-04-13 11:21 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.0.79\SetupAdmin.exe 2010-03-29 22:46 . 2009-02-12 14:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 22:45 . 2009-02-12 14:35 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-24 23:28 . 2010-02-22 11:10 138504 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-03-24 23:28 . 2010-02-22 11:11 371776 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll 2010-03-24 23:28 . 2010-02-22 11:01 214488 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-03-24 23:28 . 2010-02-22 11:10 187456 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\baseq3\uix86.dll 2010-03-24 23:28 . 2010-02-22 11:10 57344 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\pb\pbag.dll 2010-03-24 23:28 . 2010-02-22 11:10 887856 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\pb\pbcl.dll 2010-03-24 23:28 . 2010-02-22 11:10 2427968 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\baseq3\quakelive.dll 2010-03-24 10:42 . 2010-03-24 10:42 0 ----a-r- c:\documents and settings\Alexandre\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe 2010-03-23 18:01 . 2009-01-03 14:01 -------- d-----w- c:\program files\Fichiers communs\Logishrd 2010-03-12 12:19 . 2010-02-22 11:11 461888 ----a-w- c:\documents and settings\Alexandre\Application Data\id Software\quakelive\home\baseq3\qagamex86.dll 2010-03-12 11:34 . 2008-08-20 06:47 -------- d-----w- c:\program files\Alwil Software 2010-03-12 11:25 . 2010-03-12 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-03-12 10:25 . 2010-03-12 10:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2010-03-12 10:19 . 2007-09-17 23:11 -------- d-----w- c:\program files\ATI Technologies 2010-03-12 10:05 . 2007-08-19 16:13 -------- d-----w- c:\program files\Driver Cleaner 2010-03-12 10:03 . 2009-02-15 19:04 -------- d-----w- c:\program files\REALTEK RTL8187B Wireless LAN Driver 2010-03-11 19:53 . 2010-03-11 19:53 -------- d-----w- c:\program files\Trend Micro 2010-03-10 17:00 . 2010-03-03 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2010-03-10 17:00 . 2010-03-05 17:11 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared 2010-03-10 06:16 . 2006-03-02 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-08 15:12 . 2010-03-08 15:12 -------- d-----w- c:\program files\Microsoft Small Business 2010-03-03 08:45 . 2010-03-03 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2010-03-03 08:45 . 2010-03-03 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2010-02-25 06:17 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-22 11:01 . 2010-02-22 11:01 -------- d-----w- c:\documents and settings\Alexandre\Application Data\id Software 2010-02-22 11:01 . 2010-02-22 11:01 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-02-22 11:01 . 2010-02-22 11:01 2373712 ----a-w- c:\windows\system32\pbsvc.exe 2010-02-22 11:01 . 2010-02-22 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software 2010-02-16 19:06 . 2006-03-02 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:06 . 2004-08-19 16:04 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 10:03 . 2010-03-08 15:22 293376 ------w- c:\windows\system32\browserchoice.exe 2010-02-12 09:46 . 2010-02-12 09:46 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-02-12 09:46 . 2010-02-12 09:46 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-02-12 04:34 . 2006-03-02 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys 2010-02-11 07:38 . 2007-03-15 01:57 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys 2010-02-11 05:17 . 2010-02-11 05:17 11845632 ----a-w- c:\windows\system32\atioglxx.dll 2010-02-11 05:07 . 2010-02-11 05:07 307200 ----a-w- c:\windows\system32\atiiiexx.dll 2010-02-11 04:46 . 2008-12-01 20:52 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2010-02-11 04:45 . 2009-03-29 14:42 325120 ----a-w- c:\windows\system32\ati2dvag.dll 2010-02-11 04:37 . 2007-07-28 03:06 290816 ----a-w- c:\windows\system32\atiok3x2.dll 2010-02-11 04:36 . 2009-02-25 21:30 204800 ----a-w- c:\windows\system32\atipdlxx.dll 2010-02-11 04:35 . 2010-02-11 04:35 155648 ----a-w- c:\windows\system32\Oemdspif.dll 2010-02-11 04:35 . 2010-02-11 04:35 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe 2010-02-11 04:35 . 2009-02-25 21:29 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2010-02-11 04:35 . 2009-02-25 21:29 155648 ----a-w- c:\windows\system32\ati2evxx.dll 2010-02-11 04:33 . 2009-02-25 21:27 602112 ----a-w- c:\windows\system32\ati2evxx.exe 2010-02-11 04:32 . 2010-02-11 04:32 53248 ----a-w- c:\windows\system32\ATIDDC.DLL 2010-02-11 04:25 . 2009-03-29 14:42 3818144 ----a-w- c:\windows\system32\ati3duag.dll 2010-02-11 04:23 . 2009-02-04 02:43 45056 ----a-w- c:\windows\system32\aticalrt.dll 2010-02-11 04:22 . 2009-02-04 02:42 45056 ----a-w- c:\windows\system32\aticalcl.dll 2010-02-11 04:21 . 2009-02-04 02:40 3227648 ----a-w- c:\windows\system32\aticaldd.dll 2010-02-11 04:19 . 2008-12-01 19:51 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2010-02-11 04:12 . 2009-03-29 14:42 2670592 ----a-w- c:\windows\system32\ativvaxx.dll 2010-02-11 04:12 . 2008-12-01 20:11 887724 ----a-w- c:\windows\system32\ativva6x.dat 2010-02-11 04:12 . 2008-12-01 20:11 3107788 ----a-w- c:\windows\system32\ativva5x.dat 2010-02-11 03:59 . 2008-12-01 19:57 49664 ----a-w- c:\windows\system32\amdpcom32.dll 2010-02-11 03:55 . 2007-07-28 02:47 475136 ----a-w- c:\windows\system32\atikvmag.dll 2010-02-11 03:54 . 2008-12-01 19:52 126976 ----a-w- c:\windows\system32\atiadlxx.dll 2010-02-11 03:53 . 2010-02-11 03:53 17408 ----a-w- c:\windows\system32\atitvo32.dll 2010-02-11 03:47 . 2009-03-29 14:42 626688 ----a-w- c:\windows\system32\ati2cqag.dll 2010-02-10 20:20 . 2010-03-12 10:16 593920 ------w- c:\windows\system32\ati2sgag.exe 2010-02-02 19:11 . 2009-01-16 19:55 78472 -c--a-w- c:\documents and settings\Reetu\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-26 11:09 . 2010-01-26 11:09 72704 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\RemoteControl.dll 2010-01-26 11:09 . 2010-01-26 11:09 613888 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\WMASoundPlugin.dll 2010-01-26 11:09 . 2010-01-26 11:09 53760 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\zlib.dll 2010-01-26 11:09 . 2010-01-26 11:09 444928 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\SystemMP3SoundPlugin.dll 2010-01-26 11:09 . 2010-01-26 11:09 1603072 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\sound\VorbisOGGSoundPlugin.dll 2010-01-26 11:09 . 2010-01-26 11:09 630272 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\CrashRpt.dll 2007-08-18 00:27 . 2007-08-18 00:27 61 -csh--w- c:\windows\cnerolf.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] 2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808] "Logitech Vid"="c:\program files\Logitech\Logitech Vid\Vid.exe" [2010-02-12 5933912] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1970176] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440] "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-16 47392] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-25 142120] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Alexandre\Menu D‚marrer\Programmes\D‚marrage\ Logitech . Product Registration.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-1-17 741376] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-05-02 01:42 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Alexandre^Menu Démarrer^Programmes^Démarrage^2070234.lnk] path=c:\documents and settings\Alexandre\Menu Démarrer\Programmes\Démarrage\2070234.lnk backup=c:\windows\pss\2070234.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Alexandre^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk] path=c:\documents and settings\Alexandre\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Alexandre^Menu Démarrer^Programmes^Démarrage^Outil de détection de support Picture Motion Browser.lnk] path=c:\documents and settings\Alexandre\Menu Démarrer\Programmes\Démarrage\Outil de détection de support Picture Motion Browser.lnk backup=c:\windows\pss\Outil de détection de support Picture Motion Browser.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^ASUS WiFi-AP Solo.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\ASUS WiFi-AP Solo.lnk backup=c:\windows\pss\ASUS WiFi-AP Solo.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=c:\windows\pss\Outil de mise à jour Google.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Status Monitor.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Status Monitor.lnk backup=c:\windows\pss\Status Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Isabelle^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk] path=c:\documents and settings\Isabelle\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Isabelle^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] path=c:\documents and settings\Isabelle\Menu Démarrer\Programmes\Démarrage\Outil de notification Live Search.lnk backup=c:\windows\pss\Outil de notification Live Search.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Isabelle^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk] path=c:\documents and settings\Isabelle\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk backup=c:\windows\pss\RocketDock.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Isabelle^Menu Démarrer^Programmes^Démarrage^VirtuaGirl HD.LNK] path=c:\documents and settings\Isabelle\Menu Démarrer\Programmes\Démarrage\VirtuaGirl HD.LNK backup=c:\windows\pss\VirtuaGirl HD.LNKStartup [HKLM\~\startupfolder\C:^Documents and Settings^Isabelle^Menu Démarrer^Programmes^Démarrage^Y'z Toolbar.lnk] path=c:\documents and settings\Isabelle\Menu Démarrer\Programmes\Démarrage\Y'z Toolbar.lnk backup=c:\windows\pss\Y'z Toolbar.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk] path=c:\documents and settings\user\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer] 2006-11-16 09:05 1953792 ------r- c:\windows\system32\JMRaidSetup.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-03-24 18:17 952768 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2007-03-16 09:45 63712 -c--a-w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Quicker Help] 2006-11-09 19:29 3165696 ----a-w- c:\program files\ASUS\ASUS DH Remote\AsRc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 -c----r- c:\windows\Alcmtr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusStartupHelp] 2006-11-14 06:25 363008 -c--a-r- c:\program files\ASUS\AASP\1.00.17\AsRunHelp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] 2007-11-05 20:34 741376 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe] 2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2007-10-30 14:05 77824 -c----w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 02:33 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT HPW] 2007-09-28 14:52 81920 -c--a-w- c:\program files\Fichiers communs\Portrait Displays\Shared\DT_Startup.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzBackup Manager] 2006-08-15 17:43 1902080 -c--a-w- c:\program files\EZ-Backup\EZ-Backup Manager\EzBackupManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2009-08-05 21:48 647520 -c--a-w- c:\program files\Windows Live\Family Safety\fsui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] 2006-11-13 12:07 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] 2007-10-11 18:01 46368 -c--a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-03-25 23:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup] 2006-10-30 12:44 36864 -c----r- c:\windows\JM\JMInsIDE.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] 2008-02-29 02:12 76304 -c--a-w- c:\windows\KHALMNPR.Exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] 2006-10-13 15:01 277296 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid] 2010-02-12 17:07 5933912 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 02:34 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Neuf Media Center] 2008-10-10 18:24 726336 -c--a-w- c:\program files\SFR\Media Center\MediaCenter.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] 2007-10-11 18:03 29984 -c--a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2003-12-08 15:35 32768 -c--a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] 2006-05-14 20:47 344064 -c--a-w- c:\windows\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-04-17 07:34 16143872 ------r- c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 08:03 210472 -c--a-w- c:\program files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2010-02-10 22:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-01-10 18:19 136600 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] 2007-10-14 17:09 103712 ----a-r- c:\program files\Macrogaming\SweetIM\SweetIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-08-17 14:57 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\dpnsvr.exe"= "c:\\Documents and Settings\\user\\Bureau\\fsd1110\\windows\\fsd.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Media Player\\wmplayer.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\VirtualDJ\\virtualdj.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR) "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 "3587:TCP"= 3587:TCP:Groupement homologue Windows "3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol) "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1542:TCP"= 1542:TCP:Realtek WPS TCP Prot "1542:UDP"= 1542:UDP:Realtek WPS UDP Prot "53:UDP"= 53:UDP:Realtek AP UDP Prot [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21/04/2010 13:04 691696] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20/08/2008 08:47 162768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/08/2008 08:47 19024] R2 EZ-Backup Manager;EZ-Backup Manager;c:\program files\EZ-Backup\EZ-Backup Manager\EzBackup.exe [08/01/2009 13:17 1124352] R2 FSD;FSD Server;c:\documents and settings\user\Bureau\fsd1110\windows\fsd.exe [19/08/2007 16:49 147456] R3 Net6IM;Net6;c:\windows\system32\drivers\net6im51.sys [18/03/2009 12:19 73368] S2 NIHardwareService;NIHardwareService;c:\program files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe --> c:\program files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe [?] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [03/04/2010 09:52 243056] S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys --> c:\windows\system32\DRIVERS\RTL8187B.sys [?] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [16/08/2007 17:22 332928] S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [16/08/2007 17:21 13532] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc . Contenu du dossier 'Tâches planifiées' 2010-04-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-04-23 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-16 14:44] 2010-04-23 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 17:02] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.sfr.fr/kit/adsl/ uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - hxxp://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab FF - ProfilePath - c:\documents and settings\Alexandre\Application Data\Mozilla\Firefox\Profiles\o53l83wk.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.sfr.fr/ FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npvlc.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - ORPHELINS SUPPRIMES - - - - BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file) MSConfigStartUp-AppleSyncNotifier - c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe MSConfigStartUp-AVP - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe MSConfigStartUp-Easy-PrintToolBox - c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe MSConfigStartUp-ISTray - c:\program files\Spyware Doctor\pctsTray.exe MSConfigStartUp-kuyqmoo - c:\documents and settings\isabelle\local settings\application data\kuyqmoo.exe MSConfigStartUp-LREC75DND7 - c:\docume~1\ALEXAN~1\LOCALS~1\Temp\c.exe MSConfigStartUp-mgyecuw - c:\documents and settings\isabelle\local settings\application data\mgyecuw.exe MSConfigStartUp-NeroFilterCheck - c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe MSConfigStartUp-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe MSConfigStartUp-SDTray - c:\program files\Spyware Doctor\SDTrayApp.exe MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe MSConfigStartUp-VX1000 - c:\windows\vVX1000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-23 12:31 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys spkl.sys hal.dll >>UNKNOWN [0x8A876938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28 \Driver\ACPI -> ACPI.sys @ 0xf74a2cb8 \Driver\atapi -> atapi.sys @ 0xf783eb40 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a ParseProcedure -> ntoskrnl.exe @ 0x80578f7a \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a ParseProcedure -> ntoskrnl.exe @ 0x80578f7a NDIS: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba672bb0 PacketIndicateHandler -> NDIS.sys @ 0xba67fa21 SendHandler -> NDIS.sys @ 0xba65d87b user & kernel MBR OK ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1160) c:\windows\system32\Ati2evxx.dll c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(7408) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\program files\Windows Desktop Search\deskbar.dll c:\program files\Windows Desktop Search\fr-fr\dbres.dll.mui c:\program files\Windows Desktop Search\dbres.dll c:\program files\Windows Desktop Search\wordwheel.dll c:\program files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui c:\program files\Windows Desktop Search\msnlExtRes.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Essentials\MsMpEng.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Microsoft LifeCam\MSCamS32.exe c:\windows\system32\PnkBstrA.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\SearchIndexer.exe c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\progra~1\MI3AA1~1\rapimgr.exe c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Heure de fin: 2010-04-23 12:37:29 - La machine a redémarré ComboFix-quarantined-files.txt 2010-04-23 10:37 Avant-CF: 9,234,690,048 octets libres Après-CF: 9,218,183,168 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - B564C90A71B37DBE6077FBAF2A7AFFAC Merci et bonne journée !
  8. Bonsoir, Tout d'abord merci pour la rapidité de votre réponse ainsi que de vos claires explications. J'ai donc tout exécuter tel que vous me l'avez décrit et voici donc le rapport. En sachant qu'à la fin de la suppression, un message m'a averti que tout n'avait pas pu être supprimé. En attendant l'uc est retombée en dessous de 10%. Encore merci et bonne soirée. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Version de la base de données: 3930 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 22/04/2010 23:31:41 mbam-log-2010-04-22 (23-31-41).txt Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|) Elément(s) analysé(s): 221858 Temps écoulé: 55 minute(s), 21 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 5 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\LREC75DND7 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\E8WECRKKMV (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Alexandre\results.txt (Malware.Trace) -> Quarantined and deleted successfully.
  9. bonjour, Depuis hier mon uc utilisée est 80% alors que d'ordinaire je suis a moins de 10. J'ai explorer qui s'ouvre tout seul des pages web alors que j'utilise firefox. A chaque fois j'ouvre firefox le pc me demande si je veux en faire mon navigateur par défaut ce a quoi je dis oui mais a chaque ouverture il me le redemande. Et surtout le pc rame a fond ! Alors s'il vous plait pourriez vous m'aider ? Voici le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:08:17, on 22/04/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\SFR\Kit\9props.exe C:\Program Files\Logitech\Logitech Vid\Vid.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\Dl1.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe C:\Documents and Settings\user\Bureau\fsd1110\windows\fsd.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATITool\ATITool.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\Vid.exe" -bootmode O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [YVIBBBHA8C] C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\Dl1.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231355980062 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231355961515 O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - http://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe O23 - Service: EZ-Backup Manager - Unknown owner - C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe O23 - Service: FSD Server (FSD) - Unknown owner - C:\Documents and Settings\user\Bureau\fsd1110\windows\fsd.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NIHardwareService - Unknown owner - C:\Program Files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 14003 bytes Merci d'avance pour vos compétences
  10. Bonjour ! Merci pour les explications et voici les rapports : Search Navipromo version 3.7.2 commencé le 12/02/2009 à 14:09:29,45 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 6600 @ 2.40GHz ) BIOS : BIOS Date: 07/10/08 11:03:49 Ver: 08.00.12 USER : Alexandre ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090211-0] 4.8.1335 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:74 Go (Free:5 Go) D:\ (CD or DVD) E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) Recherche executé en mode normal *** Recherche Programmes installés *** Favorit Live-Player WebMediaPlayer *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** ...\Live-Player trouvé ! ...\WebMediaPlayer trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** ...\Live-Player trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Alexandre\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Reetu\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" *** ...\Live-Player trouvé ! *** Recherche dossiers dans "C:\DOCUME~1\Reetu\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\user\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Alexandre\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Reetu\menudm~1\progra~1" *** *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\Reetu\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\user\locals~1\applic~1" * *** Recherche fichiers *** c:\docume~1\alluse~1\bureau\Live-Player.lnk trouvé ! *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "dfneuet"="\"c:\\documents and settings\\alexandre\\local settings\\application data\\dfneuet.exe\" dfneuet" *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" : dfneuet.exe trouvé ! dfneuet.dat trouvé ! dfneuet_nav.dat trouvé ! dfneuet_navps.dat trouvé ! * Dans "C:\DOCUME~1\Reetu\locals~1\applic~1" : * Dans "C:\DOCUME~1\user\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 12/02/2009 à 14:10:33,51 *** et le deuxième : Clean Navipromo version 3.7.2 commencé le 12/02/2009 à 14:12:11,64 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 07.02.2009 à 10h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 6600 @ 2.40GHz ) BIOS : BIOS Date: 07/10/08 11:03:49 Ver: 08.00.12 USER : Alexandre ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090211-0] 4.8.1335 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:74 Go (Free:5 Go) D:\ (CD or DVD) E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\Reetu\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\user\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** ...\Live-Player ...suppression... ...\Live-Player supprimé ! ...\WebMediaPlayer ...suppression... ...\WebMediaPlayer supprimé ! *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** ...\Live-Player ...suppression... ...\Live-Player supprimé ! *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Alexandre\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Reetu\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" *** ...\Live-Player ...suppression... ...\Live-Player supprimé ! *** Suppression dossiers dans "C:\DOCUME~1\Reetu\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\user\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Alexandre\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Reetu\menudm~1\progra~1" *** *** Suppression fichiers *** c:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Alexandre\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\Alexandre\locals~1\applic~1" * dfneuet.exe trouvé ! Copie dfneuet.exe réalisée avec succès ! dfneuet.exe supprimé ! dfneuet.dat trouvé ! Copie dfneuet.dat réalisée avec succès ! dfneuet.dat supprimé ! dfneuet_nav.dat trouvé ! Copie dfneuet_nav.dat réalisée avec succès ! dfneuet_nav.dat supprimé ! dfneuet_navps.dat trouvé ! Copie dfneuet_navps.dat réalisée avec succès ! dfneuet_navps.dat supprimé ! * Dans "C:\DOCUME~1\Reetu\locals~1\applic~1" * * Dans "C:\DOCUME~1\user\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 12/02/2009 à 14:16:33,46 *** Merci et bonne journée.
  11. Bonsoir et merci pour votre réponse rapide. Voici le rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:55:26, on 12/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\documents and settings\alexandre\local settings\application data\dfneuet.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe C:\Documents and Settings\user\Bureau\fsd1110\windows\fsd.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\Documents and Settings\Alexandre\Bureau\Karcher.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ati.com/online/cccwelcome/drivers.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [dfneuet] "c:\documents and settings\alexandre\local settings\application data\dfneuet.exe" dfneuet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user') O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231355980062 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231355961515 O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - http://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe O23 - Service: EZ-Backup Manager - Unknown owner - C:\Program Files\EZ-Backup\EZ-Backup Manager\EzBackup.exe O23 - Service: FSD Server (FSD) - Unknown owner - C:\Documents and Settings\user\Bureau\fsd1110\windows\fsd.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP4a\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP4a\RpcSandraSrv.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 13383 bytes Bonne lecture et merci d'avance.
  12. Bonjour, Voilà depuis 3 semaines que j'ai des pubs intempestives qui sont vraiment arrivées du jour au lendemain. La plus pénible c'est priceminister ainsi que les pub pour anti virus car elles apparaissent à l'écran presque a chaque ouverture d'onglet. Pourriez vous m'aider svp ? Ps. il n'y a que 2 sessions sur mon ordi et bizarrement les pubs intempestives ne sont que sur un seule de ces 2 sessions cad la mienne. Merci d'avance.
  13. Vels6

    nouveau materiel

    c juste que ma carte mere est une asus et mon boitier aussi alors voilà
  14. Vels6

    nouveau materiel

    alors voilà en fait jai bien comandé un rad mais pas celui prévu ! j'ai pris ça http://www.rueducommerce.fr/Composants/Ref...sockets.htm#pdd
  15. Vels6

    nouveau materiel

    oki oki alors je moccupe dacheter un nouveau rad de le monter et quand c'est fait je reviens ! Merci a vous tous pour vos réponses ! la prochaine fois que je reviens je serais bien équipé ! merci
×
×
  • Créer...