Aller au contenu

fifi29

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    4 082

  • Inscription

  • Dernière visite

  • Jours gagnés

    3

 Type de contenu 

Tout ce qui a été posté par fifi29

  1. fifi29
    salut isula , voici un lien pour la config outlook: http://www.network-reseautique.com/outlook/index.html pop 3 : pop.aliceadsl.fr smtp : smtp.aliceadsl.fr allez a ++++
  2. fifi29
    salut bruce lee, je n'ai à prioris plus de pages indésirables. j'avais bien compris pour les bestioles, ma questions était technique . merci beaucoup et a ++++
  3. fifi29
    re salut , voici ce rapport: C:\WINDOWS\system32\A4E5.tmp moved successfully. C:\WINDOWS\QTFont.qfn moved successfully. C:\WINDOWS\QTFont.for moved successfully. C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe moved successfully. C:\Documents and Settings\BRUNO\Application Data\wklnhst.dat moved successfully. C:\Documents and Settings\BRUNO\Application Data\ViewerApp.dat moved successfully. File/Folder c:\documents and settings\hp_propriétaire\local settings\application data\hkljgybdib.exe not found. File/Folder C:\Documents and Settings\All Users\Application Data\loudintermixlive not found. File/Folder C:\Program Files\Zango not found. Created on 12/16/2007 12:50:52 la seconde partie arrive aprés. rapport navilog Search Navipromo version 3.3.7 commencé le 16/12/2007 à 13:36:39,60 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 08.12.2007 à 16h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\application data" *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Aucun Fichier trouvé *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" : 3)Recherche Certificats : Certificat Egroup absent ! *** Analyse terminée le 16/12/2007 à 13:47:43,75 *** pourrais tu m'expliquer à quoi correspond ce que l'on fait, merci et a ++++
  4. fifi29
    ^salut bruce lee, voila le nouveau rapport: ComboFix 07-12-15.3 - HP_Propriétaire 2007-12-16 8:20:43.3 - NTFSx86 Running from: C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\ComboFix.exe Command switches used :: C:\Documents and Settings\HP_Propriétaire\Bureau\CFScript.txt * Created a new restore point . ((((((((((((((((((((((((((((( Fichiers créés 2007-11-16 to 2007-12-16 )))))))))))))))))))))))))))))))))))) . 2007-12-14 17:58 . 2007-12-14 17:58 164 --a------ C:\install.dat 2007-12-14 07:40 . 2007-12-14 07:40 16,896 --a------ C:\WINDOWS\system32\A4E5.tmp 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-11 18:38 . 2007-12-15 14:45 <REP> d-------- C:\Program Files\Navilog1 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Program Files\Avira 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:42 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\LimeWire 2007-12-04 14:39 . 2007-12-04 16:25 <REP> d-------- C:\Program Files\LimeWire 2007-12-03 10:18 . 2007-12-14 19:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2007-12-03 10:18 . 2007-12-03 10:37 1,409 --a------ C:\WINDOWS\QTFont.for 2007-11-30 15:22 . 2007-11-30 15:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2007-11-30 15:21 . 2007-11-30 15:21 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\AVS4YOU 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\AVS4YOU 2007-11-30 13:46 . 2007-11-30 13:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-30 13:13 . 1999-08-04 12:00 1,294,336 --a------ C:\WINDOWS\system32\MGIIpl2A6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,261,568 --a------ C:\WINDOWS\system32\MGIIpl2M6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,228,800 --a------ C:\WINDOWS\system32\MGIIpl2M5.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,105,920 --a------ C:\WINDOWS\system32\MGIIpl2P6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,052,672 --a------ C:\WINDOWS\system32\MGIIpl2P5.dll 2007-11-30 13:12 . 2007-11-30 13:12 <REP> d-------- C:\Program Files\Fichiers communs\MGI Shared 2007-11-30 13:11 . 2007-11-30 13:11 <REP> d-------- C:\Program Files\MGI 2007-11-28 14:25 . 2007-11-28 14:25 <REP> d-------- C:\Program Files\ffdshow 2007-11-24 15:11 . 2007-12-15 07:03 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Vista Start Menu 2007-11-24 15:10 . 2007-11-24 15:10 <REP> d-------- C:\Program Files\Vista Start Menu 2007-11-18 16:12 . 2007-11-18 16:12 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Media Player Classic 2007-11-17 14:27 . 2007-11-17 14:27 <REP> d-------- C:\foot_Effets 2007-11-17 14:18 . 2007-11-17 14:27 <REP> d-------- C:\VTProjects 2007-11-17 14:18 . 2007-11-17 14:18 <REP> d-------- C:\VTExport 2007-11-17 10:17 . 2007-11-17 10:26 <REP> d-------- C:\Program Files\Free FLV Converter 2007-11-17 10:17 . 2005-05-14 20:09 2,179,072 --a------ C:\WINDOWS\system32\mfc71d.dll 2007-11-17 10:17 . 2006-07-11 18:06 544,768 --a------ C:\WINDOWS\system32\msvcr71d.dll 2007-11-17 10:17 . 2007-06-18 23:22 364,544 --a------ C:\WINDOWS\system32\PropertyGrid.ocx 2007-11-17 10:17 . 2005-10-13 13:42 208,500 --a------ C:\WINDOWS\system32\ReyXpBasics.tlb 2007-11-17 10:17 . 2004-03-09 00:00 84,512 --a------ C:\WINDOWS\system32\PICCLP32.OCX 2007-11-17 10:17 . 2005-09-28 01:31 24,576 --a------ C:\WINDOWS\system32\ControlSubX.ocx 2007-11-17 10:17 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL 2007-11-17 10:17 . 1998-07-13 00:00 9,728 --a------ C:\WINDOWS\system32\PCCLPFR.DLL 2007-11-17 10:03 . 2007-11-17 10:03 <REP> d-------- C:\Program Files\FLVPlayer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-16 07:11 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\SiteAdvisor 2007-12-15 19:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2007-12-15 18:46 --------- d-----w C:\Program Files\Ri-li 2007-12-15 17:33 --------- d-----w C:\Program Files\Mozilla Thunderbird 2007-12-15 16:10 507,092 -c--a-w C:\WINDOWS\system32\drivers\fwdrv.err 2007-12-14 16:18 --------- d-----w C:\Program Files\Hijackthis Version Française 2007-12-14 06:43 --------- d-----w C:\Program Files\Windows Desktop Search 2007-12-14 06:42 --------- d-----w C:\Program Files\PopTray 2007-12-14 06:42 --------- d-----w C:\Program Files\Fichiers communs\LightScribe 2007-12-14 06:42 --------- d-----w C:\Program Files\a-squared Free 2007-12-11 07:34 --------- d-----w C:\Program Files\Zylom Games 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\PlayFirst 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst 2007-12-10 18:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Zylom 2007-12-10 17:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express 2007-12-10 08:06 --------- d-----w C:\Program Files\Alwil Software 2007-12-08 17:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-08 11:17 25,084 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-03 14:24 --------- d-----w C:\Program Files\KC Softwares 2007-12-03 12:33 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\muvee Technologies 2007-12-02 17:05 --------- d-----w C:\Program Files\eMule 2007-12-02 16:34 --------- d-----w C:\Program Files\muvee Technologies 2007-12-02 16:34 --------- d-----w C:\Program Files\Fichiers communs\muvee Technologies 2007-12-02 16:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-02 07:46 --------- d-----w C:\Program Files\QuickTime 2007-12-01 11:52 --------- d-----w C:\Program Files\Fichiers communs\Real 2007-12-01 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-12-01 11:00 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer 2007-11-30 08:59 --------- d-----w C:\Program Files\Windows Live 2007-11-28 13:16 --------- d-----w C:\Program Files\Microsoft Digital Image 10 2007-11-19 16:20 --------- d-----w C:\Program Files\iTunes 2007-11-19 16:20 --------- d-----w C:\Program Files\iPod 2007-11-19 08:41 --------- d-----w C:\Program Files\VideoLAN 2007-11-14 09:42 --------- d-----w C:\Program Files\PimpFish 2007-11-13 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-11-12 09:41 --------- d-----w C:\Program Files\EO Video 2007-11-10 13:49 --------- d-----w C:\Program Files\Xi 2007-11-09 14:17 --------- d-----w C:\Program Files\Common Files 2007-11-09 13:54 724,992 -c--a-w C:\WINDOWS\iun6002.exe 2007-11-09 07:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\GeoVid 2007-11-09 07:22 --------- d-----w C:\Program Files\GeoVid 2007-11-04 13:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skyline 2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-28 22:15 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-10-28 21:15 --------- d-----w C:\Program Files\Web Media Player 2007-10-27 11:03 --------- d-----w C:\Program Files\VIPER TV PLAYER (v 7.1.1) 2007-10-25 12:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\dvdcss 2007-10-25 12:23 --------- d-----w C:\Program Files\ATI Technologies 2007-10-25 12:22 --------- d-----w C:\Program Files\HP 2007-10-25 12:22 --------- d-----w C:\Program Files\Hewlett-Packard 2007-10-25 12:22 --------- d-----w C:\Program Files\Fichiers communs\HP 2007-10-25 12:19 --------- d-----w C:\Program Files\ATI Technologies(2) 2007-10-25 12:01 --------- d-----w C:\Program Files\ATI 2007-10-25 10:47 --------- d-----w C:\Program Files\MSXML 6.0 2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-25 06:36 --------- d-----w C:\Program Files\Reference Assemblies 2007-10-25 06:36 --------- d-----w C:\Program Files\MSBuild 2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR 2007-10-21 13:19 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Skyline 2007-10-21 13:09 --------- d-----w C:\Program Files\Skyline 2007-10-21 09:46 --------- d-----w C:\Program Files\USB Disk Win98 Driver 2007-10-01 08:42 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe 2007-08-26 16:22 47,360 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys 2007-05-14 18:19 87,608 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe 2006-07-12 09:12 524,300 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\position.bin 2006-06-06 13:22 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2006-03-17 15:42 774,144 -c-ha-r C:\Program Files\RngInterstitial.dll 2005-12-28 09:33 970 -c--a-w C:\Documents and Settings\BRUNO\Application Data\wklnhst.dat 2005-11-16 19:46 284 -c--a-w C:\Documents and Settings\BRUNO\Application Data\ViewerApp.dat 2006-07-17 12:23 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 19:00] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-11-12 17:42] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43] "PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 22:17] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04] "HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 19:43] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 16:32] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 C:\WINDOWS\soundman.exe] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 23:50] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 C:\WINDOWS\AGRSMMSG.exe] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-09 23:22] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-12-12 06:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WIAWizardMenu"="RUNDLL32.exe" [2004-08-05 19:00 C:\WINDOWS\system32\rundll32.exe] C:\Documents and Settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\ PopTray.lnk - C:\Program Files\PopTray\PopTray.exe [2006-09-16 14:01:16] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel de l'Encyclopédie Universelle Larousse.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel de l'Encyclopédie Universelle Larousse.lnk backup=C:\WINDOWS\pss\Hyperappel de l'Encyclopédie Universelle Larousse.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\KODAK Software Updater.lnk backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk] backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk] backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^HDD temperature.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\HDD temperature.lnk backup=C:\WINDOWS\pss\HDD temperature.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^PrintKey 2000 Fr.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk backup=C:\WINDOWS\pss\PrintKey 2000 Fr.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2007-10-10 19:51 39792 --a--c--- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] 2005-04-06 04:05 339968 --a------ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-01-15 16:14 147456 --a------ C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Color] C:\Program Files\DL Software\D-Color\dcolor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlmMgr] C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe restart=1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hkljgybdib] c:\documents and settings\hp_propriétaire\local settings\application data\hkljgybdib.exe hkljgybdib [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 --a------ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV] C:\Program Files\Its Label\ItsTV\ItsTV.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2007-11-15 13:11 267048 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kapere] C:\Program Files\Akretio\Kapere\Kapere.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LOCKS GRAM] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CURBLI~1\web bags.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] 2005-06-08 14:24 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] 2005-06-08 14:14 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] 2006-07-27 18:34 190024 --a------ C:\Program Files\MessengerPlus! 3\MsgPlus.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSStartup] C:\Program Files\OrangeHSS\Launcher\Launcher.exe -appid connectivityapp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orange Desktop Search] C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2007-08-31 15:46 1460560 --a------ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 11:35 90112 --a------ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-07-12 03:00 132496 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-04-02 19:46 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS] 2007-01-04 10:45 90112 --a------ C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp] C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe /start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox] 2005-09-14 19:44 65536 --a--c--- C:\Program Files\USB Disk Win98 Driver\Res.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UserFaultCheck"=%systemroot%\system32\dumprep 0 -u "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0\bin\jusched.exe "AGRSMMSG"=AGRSMMSG.exe "AlcxMonitor"=ALCXMNTR.EXE "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "HPHUPD06"=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe "LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\DRIVERS\avgntmgr.sys R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S3 AdWatchDrv;AW Realtime Driver;\??\C:\WINDOWS\system32\drivers\AWRTPD.sys S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" S4 LicCtrlService;LicCtrl Service;rundll32.exe C:\WINDOWS\mmfs.dll,Service [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-12-10 16:00:43 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-12-15 19:00:00 C:\WINDOWS\Tasks\HPpromotions psc 1600 series.job" - C:\Program Files\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-16 08:29:24 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-16 8:32:07 C:\ComboFix2.txt ... 2007-12-15 14:26 C:\ComboFix3.txt ... 2007-12-15 07:06 . 2007-12-12 05:47:43 --- E O F --- encore merci et a ++++
  5. fifi29
    salut bruce lee, voici déja le rapport conbofix: ComboFix 07-12-15.3 - HP_Propriétaire 2007-12-15 14:15:46.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.59 [GMT 1:00] Running from: C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\ComboFix.exe Command switches used :: C:\Documents and Settings\HP_Propriétaire\Bureau\CFScript.txt * Created a new restore point . ((((((((((((((((((((((((((((( Fichiers créés 2007-11-15 to 2007-12-15 )))))))))))))))))))))))))))))))))))) . 2007-12-14 17:58 . 2007-12-14 17:58 164 --a------ C:\install.dat 2007-12-14 07:40 . 2007-12-14 07:40 16,896 --a------ C:\WINDOWS\system32\A4E5.tmp 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-11 18:38 . 2007-12-12 13:51 <REP> d-------- C:\Program Files\Navilog1 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Program Files\Avira 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:42 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\LimeWire 2007-12-04 14:39 . 2007-12-04 16:25 <REP> d-------- C:\Program Files\LimeWire 2007-12-03 10:18 . 2007-12-14 19:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2007-12-03 10:18 . 2007-12-03 10:37 1,409 --a------ C:\WINDOWS\QTFont.for 2007-11-30 15:22 . 2007-11-30 15:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2007-11-30 15:21 . 2007-11-30 15:21 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\AVS4YOU 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\AVS4YOU 2007-11-30 13:46 . 2007-11-30 13:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-30 13:13 . 1999-08-04 12:00 1,294,336 --a------ C:\WINDOWS\system32\MGIIpl2A6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,261,568 --a------ C:\WINDOWS\system32\MGIIpl2M6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,228,800 --a------ C:\WINDOWS\system32\MGIIpl2M5.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,105,920 --a------ C:\WINDOWS\system32\MGIIpl2P6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,052,672 --a------ C:\WINDOWS\system32\MGIIpl2P5.dll 2007-11-30 13:12 . 2007-11-30 13:12 <REP> d-------- C:\Program Files\Fichiers communs\MGI Shared 2007-11-30 13:11 . 2007-11-30 13:11 <REP> d-------- C:\Program Files\MGI 2007-11-28 14:25 . 2007-11-28 14:25 <REP> d-------- C:\Program Files\ffdshow 2007-11-24 15:11 . 2007-12-15 07:03 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Vista Start Menu 2007-11-24 15:10 . 2007-11-24 15:10 <REP> d-------- C:\Program Files\Vista Start Menu 2007-11-18 16:12 . 2007-11-18 16:12 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Media Player Classic 2007-11-17 14:27 . 2007-11-17 14:27 <REP> d-------- C:\foot_Effets 2007-11-17 14:18 . 2007-11-17 14:27 <REP> d-------- C:\VTProjects 2007-11-17 14:18 . 2007-11-17 14:18 <REP> d-------- C:\VTExport 2007-11-17 10:17 . 2007-11-17 10:26 <REP> d-------- C:\Program Files\Free FLV Converter 2007-11-17 10:17 . 2005-05-14 20:09 2,179,072 --a------ C:\WINDOWS\system32\mfc71d.dll 2007-11-17 10:17 . 2006-07-11 18:06 544,768 --a------ C:\WINDOWS\system32\msvcr71d.dll 2007-11-17 10:17 . 2007-06-18 23:22 364,544 --a------ C:\WINDOWS\system32\PropertyGrid.ocx 2007-11-17 10:17 . 2005-10-13 13:42 208,500 --a------ C:\WINDOWS\system32\ReyXpBasics.tlb 2007-11-17 10:17 . 2004-03-09 00:00 84,512 --a------ C:\WINDOWS\system32\PICCLP32.OCX 2007-11-17 10:17 . 2005-09-28 01:31 24,576 --a------ C:\WINDOWS\system32\ControlSubX.ocx 2007-11-17 10:17 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL 2007-11-17 10:17 . 1998-07-13 00:00 9,728 --a------ C:\WINDOWS\system32\PCCLPFR.DLL 2007-11-17 10:03 . 2007-11-17 10:03 <REP> d-------- C:\Program Files\FLVPlayer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-15 13:08 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\SiteAdvisor 2007-12-15 07:05 --------- d-----w C:\Program Files\Mozilla Thunderbird 2007-12-15 05:46 507,025 -c--a-w C:\WINDOWS\system32\drivers\fwdrv.err 2007-12-14 18:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2007-12-14 16:18 --------- d-----w C:\Program Files\Hijackthis Version Française 2007-12-14 06:43 --------- d-----w C:\Program Files\Windows Desktop Search 2007-12-14 06:42 --------- d-----w C:\Program Files\PopTray 2007-12-14 06:42 --------- d-----w C:\Program Files\Fichiers communs\LightScribe 2007-12-14 06:42 --------- d-----w C:\Program Files\a-squared Free 2007-12-11 07:34 --------- d-----w C:\Program Files\Zylom Games 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\PlayFirst 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst 2007-12-10 18:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Zylom 2007-12-10 17:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express 2007-12-10 12:25 --------- d-----w C:\Program Files\Ri-li 2007-12-10 08:06 --------- d-----w C:\Program Files\Alwil Software 2007-12-08 17:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-08 11:17 25,084 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-03 14:24 --------- d-----w C:\Program Files\KC Softwares 2007-12-03 12:33 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\muvee Technologies 2007-12-02 17:05 --------- d-----w C:\Program Files\eMule 2007-12-02 16:34 --------- d-----w C:\Program Files\muvee Technologies 2007-12-02 16:34 --------- d-----w C:\Program Files\Fichiers communs\muvee Technologies 2007-12-02 16:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-02 07:46 --------- d-----w C:\Program Files\QuickTime 2007-12-01 11:52 --------- d-----w C:\Program Files\Fichiers communs\Real 2007-12-01 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-12-01 11:00 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer 2007-11-30 08:59 --------- d-----w C:\Program Files\Windows Live 2007-11-28 13:16 --------- d-----w C:\Program Files\Microsoft Digital Image 10 2007-11-19 16:20 --------- d-----w C:\Program Files\iTunes 2007-11-19 16:20 --------- d-----w C:\Program Files\iPod 2007-11-19 08:41 --------- d-----w C:\Program Files\VideoLAN 2007-11-14 09:42 --------- d-----w C:\Program Files\PimpFish 2007-11-13 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-11-12 09:41 --------- d-----w C:\Program Files\EO Video 2007-11-10 13:49 --------- d-----w C:\Program Files\Xi 2007-11-09 14:17 --------- d-----w C:\Program Files\Common Files 2007-11-09 13:54 724,992 -c--a-w C:\WINDOWS\iun6002.exe 2007-11-09 07:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\GeoVid 2007-11-09 07:22 --------- d-----w C:\Program Files\GeoVid 2007-11-04 13:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skyline 2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-28 22:15 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-10-28 21:15 --------- d-----w C:\Program Files\Web Media Player 2007-10-27 11:03 --------- d-----w C:\Program Files\VIPER TV PLAYER (v 7.1.1) 2007-10-25 12:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\dvdcss 2007-10-25 12:23 --------- d-----w C:\Program Files\ATI Technologies 2007-10-25 12:22 --------- d-----w C:\Program Files\HP 2007-10-25 12:22 --------- d-----w C:\Program Files\Hewlett-Packard 2007-10-25 12:22 --------- d-----w C:\Program Files\Fichiers communs\HP 2007-10-25 12:19 --------- d-----w C:\Program Files\ATI Technologies(2) 2007-10-25 12:01 --------- d-----w C:\Program Files\ATI 2007-10-25 10:47 --------- d-----w C:\Program Files\MSXML 6.0 2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-25 06:36 --------- d-----w C:\Program Files\Reference Assemblies 2007-10-25 06:36 --------- d-----w C:\Program Files\MSBuild 2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR 2007-10-21 13:19 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Skyline 2007-10-21 13:09 --------- d-----w C:\Program Files\Skyline 2007-10-21 09:46 --------- d-----w C:\Program Files\USB Disk Win98 Driver 2007-10-15 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\NannyMania 2007-10-01 08:42 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe 2007-08-26 16:22 47,360 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys 2007-05-14 18:19 87,608 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe 2006-07-12 09:12 524,300 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\position.bin 2006-06-06 13:22 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2006-03-17 15:42 774,144 -c-ha-r C:\Program Files\RngInterstitial.dll 2005-12-28 09:33 970 -c--a-w C:\Documents and Settings\BRUNO\Application Data\wklnhst.dat 2005-11-16 19:46 284 -c--a-w C:\Documents and Settings\BRUNO\Application Data\ViewerApp.dat 2006-07-17 12:23 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 19:00] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-11-12 17:42] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43] "PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 22:17] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04] "HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 19:43] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 16:32] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 C:\WINDOWS\soundman.exe] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 23:50] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 C:\WINDOWS\AGRSMMSG.exe] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-09 23:22] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-12-12 06:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WIAWizardMenu"="RUNDLL32.exe" [2004-08-05 19:00 C:\WINDOWS\system32\rundll32.exe] C:\Documents and Settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\ PopTray.lnk - C:\Program Files\PopTray\PopTray.exe [2006-09-16 14:01:16] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel de l'Encyclopédie Universelle Larousse.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel de l'Encyclopédie Universelle Larousse.lnk backup=C:\WINDOWS\pss\Hyperappel de l'Encyclopédie Universelle Larousse.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\KODAK Software Updater.lnk backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk] backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk] backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^HDD temperature.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\HDD temperature.lnk backup=C:\WINDOWS\pss\HDD temperature.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^PrintKey 2000 Fr.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk backup=C:\WINDOWS\pss\PrintKey 2000 Fr.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2007-10-10 19:51 39792 --a--c--- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] 2005-04-06 04:05 339968 --a------ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-01-15 16:14 147456 --a------ C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Color] C:\Program Files\DL Software\D-Color\dcolor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlmMgr] C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe restart=1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hkljgybdib] c:\documents and settings\hp_propriétaire\local settings\application data\hkljgybdib.exe hkljgybdib [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 --a------ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV] C:\Program Files\Its Label\ItsTV\ItsTV.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2007-11-15 13:11 267048 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kapere] C:\Program Files\Akretio\Kapere\Kapere.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LOCKS GRAM] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CURBLI~1\web bags.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] 2005-06-08 14:24 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] 2005-06-08 14:14 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] 2006-07-27 18:34 190024 --a------ C:\Program Files\MessengerPlus! 3\MsgPlus.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSStartup] C:\Program Files\OrangeHSS\Launcher\Launcher.exe -appid connectivityapp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orange Desktop Search] C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2007-08-31 15:46 1460560 --a------ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 11:35 90112 --a------ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-07-12 03:00 132496 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-04-02 19:46 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS] 2007-01-04 10:45 90112 --a------ C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp] C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe /start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox] 2005-09-14 19:44 65536 --a--c--- C:\Program Files\USB Disk Win98 Driver\Res.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UserFaultCheck"=%systemroot%\system32\dumprep 0 -u "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0\bin\jusched.exe "AGRSMMSG"=AGRSMMSG.exe "AlcxMonitor"=ALCXMNTR.EXE "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "HPHUPD06"=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe "LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\DRIVERS\avgntmgr.sys R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S3 AdWatchDrv;AW Realtime Driver;\??\C:\WINDOWS\system32\drivers\AWRTPD.sys S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" S4 LicCtrlService;LicCtrl Service;rundll32.exe C:\WINDOWS\mmfs.dll,Service [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-12-10 16:00:43 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-12-15 07:00:00 C:\WINDOWS\Tasks\HPpromotions psc 1600 series.job" - C:\Program Files\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-15 14:23:27 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-15 14:26:00 C:\ComboFix2.txt ... 2007-12-15 07:06 . 2007-12-12 05:47:43 --- E O F --- ansi que navilog Search Navipromo version 3.3.7 commencé le 15/12/2007 à 14:34:21,84 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 08.12.2007 à 16h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\application data" *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Aucun Fichier trouvé *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" : 3)Recherche Certificats : Certificat Egroup absent ! *** Analyse terminée le 15/12/2007 à 14:45:18,85 *** allez a ++++
  6. fifi29
    bonjour bruce lee, voici donc le rapport de combofix: ComboFix 07-12-15.3 - HP_Propriétaire 2007-12-15 6:54:54.1 - NTFSx86 Running from: C:\Documents and Settings\HP_Propriétaire\Mes documents\Downloads\ComboFix.exe * Created a new restore point . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\hkljgybdib.dat c:\documents and settings\hp_propriétaire\local settings\application data\hkljgybdib.exe c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\hkljgybdib_nav.dat C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\hkljgybdib_navps.dat C:\setup.exe C:\WINDOWS\system32\_000008_.tmp.dll D:\Autorun.inf . ((((((((((((((((((((((((((((( Fichiers créés 2007-11-15 to 2007-12-15 )))))))))))))))))))))))))))))))))))) . 2007-12-14 17:58 . 2007-12-14 17:58 164 --a------ C:\install.dat 2007-12-14 07:40 . 2007-12-14 07:40 16,896 --a------ C:\WINDOWS\system32\A4E5.tmp 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-13 18:18 . 2007-12-13 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-11 18:38 . 2007-12-12 13:51 <REP> d-------- C:\Program Files\Navilog1 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Program Files\Avira 2007-12-09 23:15 . 2007-12-09 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:23 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Shared 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:43 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Incomplete 2007-12-04 14:42 . 2007-12-04 16:28 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\LimeWire 2007-12-04 14:39 . 2007-12-04 16:25 <REP> d-------- C:\Program Files\LimeWire 2007-12-03 10:18 . 2007-12-14 19:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2007-12-03 10:18 . 2007-12-03 10:37 1,409 --a------ C:\WINDOWS\QTFont.for 2007-11-30 15:22 . 2007-11-30 15:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2007-11-30 15:21 . 2007-11-30 15:21 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\AVS4YOU 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia 2007-11-30 15:12 . 2007-12-01 10:50 <REP> d-------- C:\Program Files\AVS4YOU 2007-11-30 13:46 . 2007-11-30 13:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-30 13:13 . 1999-08-04 12:00 1,294,336 --a------ C:\WINDOWS\system32\MGIIpl2A6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,261,568 --a------ C:\WINDOWS\system32\MGIIpl2M6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,228,800 --a------ C:\WINDOWS\system32\MGIIpl2M5.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,105,920 --a------ C:\WINDOWS\system32\MGIIpl2P6.dll 2007-11-30 13:13 . 1999-08-04 12:00 1,052,672 --a------ C:\WINDOWS\system32\MGIIpl2P5.dll 2007-11-30 13:12 . 2007-11-30 13:12 <REP> d-------- C:\Program Files\Fichiers communs\MGI Shared 2007-11-30 13:11 . 2007-11-30 13:11 <REP> d-------- C:\Program Files\MGI 2007-11-28 14:25 . 2007-11-28 14:25 <REP> d-------- C:\Program Files\ffdshow 2007-11-24 15:11 . 2007-12-15 07:03 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Vista Start Menu 2007-11-24 15:10 . 2007-11-24 15:10 <REP> d-------- C:\Program Files\Vista Start Menu 2007-11-18 16:12 . 2007-11-18 16:12 <REP> d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Media Player Classic 2007-11-17 14:27 . 2007-11-17 14:27 <REP> d-------- C:\foot_Effets 2007-11-17 14:18 . 2007-11-17 14:27 <REP> d-------- C:\VTProjects 2007-11-17 14:18 . 2007-11-17 14:18 <REP> d-------- C:\VTExport 2007-11-17 10:17 . 2007-11-17 10:26 <REP> d-------- C:\Program Files\Free FLV Converter 2007-11-17 10:17 . 2005-05-14 20:09 2,179,072 --a------ C:\WINDOWS\system32\mfc71d.dll 2007-11-17 10:17 . 2006-07-11 18:06 544,768 --a------ C:\WINDOWS\system32\msvcr71d.dll 2007-11-17 10:17 . 2007-06-18 23:22 364,544 --a------ C:\WINDOWS\system32\PropertyGrid.ocx 2007-11-17 10:17 . 2005-10-13 13:42 208,500 --a------ C:\WINDOWS\system32\ReyXpBasics.tlb 2007-11-17 10:17 . 2004-03-09 00:00 84,512 --a------ C:\WINDOWS\system32\PICCLP32.OCX 2007-11-17 10:17 . 2005-09-28 01:31 24,576 --a------ C:\WINDOWS\system32\ControlSubX.ocx 2007-11-17 10:17 . 1998-07-12 23:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL 2007-11-17 10:17 . 1998-07-13 00:00 9,728 --a------ C:\WINDOWS\system32\PCCLPFR.DLL 2007-11-17 10:03 . 2007-11-17 10:03 <REP> d-------- C:\Program Files\FLVPlayer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-15 05:47 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\SiteAdvisor 2007-12-15 05:46 507,025 -c--a-w C:\WINDOWS\system32\drivers\fwdrv.err 2007-12-14 18:39 --------- d-----w C:\Program Files\Mozilla Thunderbird 2007-12-14 18:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2007-12-14 16:18 --------- d-----w C:\Program Files\Hijackthis Version Française 2007-12-14 06:43 --------- d-----w C:\Program Files\Windows Desktop Search 2007-12-14 06:42 --------- d-----w C:\Program Files\PopTray 2007-12-14 06:42 --------- d-----w C:\Program Files\Fichiers communs\LightScribe 2007-12-14 06:42 --------- d-----w C:\Program Files\a-squared Free 2007-12-11 07:34 --------- d-----w C:\Program Files\Zylom Games 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\PlayFirst 2007-12-10 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst 2007-12-10 18:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Zylom 2007-12-10 17:44 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express 2007-12-10 12:25 --------- d-----w C:\Program Files\Ri-li 2007-12-10 08:06 --------- d-----w C:\Program Files\Alwil Software 2007-12-08 17:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-08 11:17 25,084 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-03 14:24 --------- d-----w C:\Program Files\KC Softwares 2007-12-03 12:33 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\muvee Technologies 2007-12-02 17:05 --------- d-----w C:\Program Files\eMule 2007-12-02 16:34 --------- d-----w C:\Program Files\muvee Technologies 2007-12-02 16:34 --------- d-----w C:\Program Files\Fichiers communs\muvee Technologies 2007-12-02 16:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-02 07:46 --------- d-----w C:\Program Files\QuickTime 2007-12-01 11:52 --------- d-----w C:\Program Files\Fichiers communs\Real 2007-12-01 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-12-01 11:00 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer 2007-11-30 08:59 --------- d-----w C:\Program Files\Windows Live 2007-11-28 13:16 --------- d-----w C:\Program Files\Microsoft Digital Image 10 2007-11-19 16:20 --------- d-----w C:\Program Files\iTunes 2007-11-19 16:20 --------- d-----w C:\Program Files\iPod 2007-11-19 08:41 --------- d-----w C:\Program Files\VideoLAN 2007-11-14 09:42 --------- d-----w C:\Program Files\PimpFish 2007-11-13 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-11-12 09:41 --------- d-----w C:\Program Files\EO Video 2007-11-10 13:49 --------- d-----w C:\Program Files\Xi 2007-11-09 14:17 --------- d-----w C:\Program Files\Common Files 2007-11-09 13:54 724,992 -c--a-w C:\WINDOWS\iun6002.exe 2007-11-09 07:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\GeoVid 2007-11-09 07:22 --------- d-----w C:\Program Files\GeoVid 2007-11-04 13:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skyline 2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-28 22:15 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-10-28 21:15 --------- d-----w C:\Program Files\Web Media Player 2007-10-27 11:03 --------- d-----w C:\Program Files\VIPER TV PLAYER (v 7.1.1) 2007-10-25 12:24 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\dvdcss 2007-10-25 12:23 --------- d-----w C:\Program Files\ATI Technologies 2007-10-25 12:22 --------- d-----w C:\Program Files\HP 2007-10-25 12:22 --------- d-----w C:\Program Files\Hewlett-Packard 2007-10-25 12:22 --------- d-----w C:\Program Files\Fichiers communs\HP 2007-10-25 12:19 --------- d-----w C:\Program Files\ATI Technologies(2) 2007-10-25 12:01 --------- d-----w C:\Program Files\ATI 2007-10-25 10:47 --------- d-----w C:\Program Files\MSXML 6.0 2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-25 06:36 --------- d-----w C:\Program Files\Reference Assemblies 2007-10-25 06:36 --------- d-----w C:\Program Files\MSBuild 2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR 2007-10-21 13:19 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Skyline 2007-10-21 13:09 --------- d-----w C:\Program Files\Skyline 2007-10-21 09:46 --------- d-----w C:\Program Files\USB Disk Win98 Driver 2007-10-15 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\NannyMania 2007-10-01 08:42 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe 2007-08-26 16:22 47,360 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys 2007-05-14 18:19 87,608 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\ezpinst.exe 2006-07-12 09:12 524,300 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\position.bin 2006-06-06 13:22 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2006-03-17 15:42 774,144 -c-ha-r C:\Program Files\RngInterstitial.dll 2005-12-28 09:33 970 -c--a-w C:\Documents and Settings\BRUNO\Application Data\wklnhst.dat 2005-11-16 19:46 284 -c--a-w C:\Documents and Settings\BRUNO\Application Data\ViewerApp.dat 2006-07-17 12:23 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 19:00] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-11-12 17:42] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 21:43] "PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 22:17] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04] "HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 19:43] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 16:32] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 C:\WINDOWS\soundman.exe] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 23:50] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 18:06 C:\WINDOWS\AGRSMMSG.exe] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-09 23:22] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-12-12 06:38] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WIAWizardMenu"="RUNDLL32.exe" [2004-08-05 19:00 C:\WINDOWS\system32\rundll32.exe] C:\Documents and Settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\ PopTray.lnk - C:\Program Files\PopTray\PopTray.exe [2006-09-16 14:01:16] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel de l'Encyclopédie Universelle Larousse.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel de l'Encyclopédie Universelle Larousse.lnk backup=C:\WINDOWS\pss\Hyperappel de l'Encyclopédie Universelle Larousse.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\KODAK Software Updater.lnk backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk] backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk] backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^HDD temperature.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\HDD temperature.lnk backup=C:\WINDOWS\pss\HDD temperature.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^PrintKey 2000 Fr.lnk] path=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\PrintKey 2000 Fr.lnk backup=C:\WINDOWS\pss\PrintKey 2000 Fr.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2007-10-10 19:51 39792 --a--c--- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] 2005-04-06 04:05 339968 --a------ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2007-01-15 16:14 147456 --a------ C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Color] C:\Program Files\DL Software\D-Color\dcolor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlmMgr] C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe restart=1 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hkljgybdib] c:\documents and settings\hp_propriétaire\local settings\application data\hkljgybdib.exe hkljgybdib [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 --a------ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV] C:\Program Files\Its Label\ItsTV\ItsTV.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2007-11-15 13:11 267048 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kapere] C:\Program Files\Akretio\Kapere\Kapere.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LOCKS GRAM] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CURBLI~1\web bags.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] 2005-06-08 14:24 458752 --a------ C:\Program Files\Logitech\Video\ISStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] 2005-06-08 14:14 217088 --a------ C:\Program Files\Logitech\Video\LogiTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] 2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] 2006-07-27 18:34 190024 --a------ C:\Program Files\MessengerPlus! 3\MsgPlus.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MIX LIVE 2 NEW] C:\Documents and Settings\All Users\Application Data\loudintermixlive\For intra.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSStartup] C:\Program Files\OrangeHSS\Launcher\Launcher.exe -appid connectivityapp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orange Desktop Search] C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2007-08-31 15:46 1460560 --a------ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 11:35 90112 --a------ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-07-12 03:00 132496 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-04-02 19:46 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS] 2007-01-04 10:45 90112 --a------ C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp] C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe /start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox] 2005-09-14 19:44 65536 --a--c--- C:\Program Files\USB Disk Win98 Driver\Res.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vdszixfnbk] c:\documents and settings\hp_propriétaire\local settings\application data\vdszixfnbk.exe vdszixfnbk [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoOE] C:\Program Files\Zango\bin\10.0.341.0\OEAddOn.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoSA] C:\Program Files\Zango\bin\10.0.341.0\ZangoSA.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UserFaultCheck"=%systemroot%\system32\dumprep 0 -u "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0\bin\jusched.exe "AGRSMMSG"=AGRSMMSG.exe "AlcxMonitor"=ALCXMNTR.EXE "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe "HPHUPD06"=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe "LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\DRIVERS\avgntmgr.sys R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S3 AdWatchDrv;AW Realtime Driver;\??\C:\WINDOWS\system32\drivers\AWRTPD.sys S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" S4 LicCtrlService;LicCtrl Service;rundll32.exe C:\WINDOWS\mmfs.dll,Service [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 *Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90 . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-12-10 16:00:43 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-12-14 19:00:01 C:\WINDOWS\Tasks\HPpromotions psc 1600 series.job" - C:\Program Files\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-15 07:03:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-15 7:06:17 . 2007-12-12 05:47:43 --- E O F --- quand au nom des pages je ne m'en rappel pas de tete , car depuis j'évite de surfer sur la toile . mais je noterais çà aujourd'hui , encore merci et a ++++
  7. fifi29
    salut bruce lee et a tous, le scan avec panda ne fonctionne pas , j'ai essayer avec bitdefender et çà bug a la fin . que puis je faire ???? j'ai toujours ces pages indésirées qui s'affiche , j'en ai mare. a++++
  8. fifi29
    salut bruce lee , voici ce que donne kapersky a la fin: http://hiboox.com/lang-fr/image.php?img=i1pf0iw4.gif pas possible d'enregistrer le rapport . je vais en refaire un avec panda , çà marche mieux, a ++++
  9. fifi29
    salut bruce lee, avg n'a rien detecté donc pas de rapport: http://hiboox.com/lang-fr/image.php?img=p3cacedd.gif et le probleme persiste , que puis je faire?? merci et a ++++
  10. fifi29
    salut brucelee, avg ne m'a pas donnez de rapport après, je vais donc recommencer. pour ce qui est de navilog voici le rapport: Clean Navipromo version 3.3.7 commencé le 12/12/2007 à 13:47:51,09 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 08.12.2007 à 16h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Mode suppression automatique Executé en mode sans échec *** Creation backups fichiers trouvés par Catchme *** Copie vers "C:\Program Files\navilog1\Backupnavi" Copie C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.dat réalisée avec succès ! Copie C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.exe réalisée avec succès ! Copie C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_nav.dat réalisée avec succès ! Copie C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_navps.dat réalisée avec succès ! *** Suppression des fichiers trouvés avec Catchme *** C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.dat supprimé ! C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.exe supprimé ! C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_nav.dat supprimé ! C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_navps.dat supprimé ! ** 2ème passage avec résultats Catchme ** * Dans C:\WINDOWS\system32 * C:\WINDOWS\prefetch\vdszixfnbk*.pf trouvé ! Copie C:\WINDOWS\prefetch\vdszixfnbk*.pf réalisée avec succès ! C:\WINDOWS\prefetch\vdszixfnbk*.pf supprimé ! * Dans "C:\Documents and Settings\Administrateur\local settings\application data" * *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans C:\WINDOWS\System32 * * Suppression dans "C:\Documents and Settings\Administrateur\local settings\application data" * *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** *** Suppression dossiers dans *** *** Suppression dossiers dans "C:\Documents and Settings\Administrateur\application data" *** *** Suppression dossiers dans *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Administrateur\Local Settings\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche, création sauvegardes et suppression Heuristique : * Dans C:\WINDOWS\system32 * * Dans "C:\Documents and Settings\Administrateur\local settings\application data" * *** Sauvegarde du Registre vers dossier Backupnavi *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup absent ! *** Nettoyage terminé le 12/12/2007 à 13:51:38,68 *** merci et a ++++
  11. fifi29
    ok et merci , je vais faire çà. de plus spybot a trouver ceci: http://hiboox.com/lang-fr/image.php?img=01pgf13f.gif erreur que spybot a corrigé.a ++++
  12. fifi29
    bonsoir bruce lee , et merci a toi de te réoccupé de moi , çà fait longtemps.voici le rapport: Search Navipromo version 3.3.7 commencé le 11/12/2007 à 18:41:22,40 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 08.12.2007 à 16h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\application data" *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.dat C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk.exe C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_nav.dat C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\vdszixfnbk_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" * Fichiers trouvés : vdszixfnbk.exe trouvé ! *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\HP_Propriétaire\local settings\application data" : vdszixfnbk.dat trouvé ! 3)Recherche Certificats : Certificat Egroup trouvé ! *** Analyse terminée le 11/12/2007 à 18:55:05,50 *** encore merci et a ++++
  13. fifi29
    bonjour a tous , a l'ouverture de firefox , je trouve ceci http://hiboox.com/lang-fr/image.php?img=3nr8emh3.gif puis ceci aprés http://hiboox.com/lang-fr/image.php?img=5djhzjgi.gif alors que je viens de remplacer avast par antivir, mais je ne pense pas que ce sois la cause! ci joint log hijackthis Logfile of HijackThis v1.99.1 Scan saved at 08:01:49, on 11/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\ps2.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\hphmon06.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Vista Start Menu\VistaStartMenu.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\PopTray\PopTray.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe" O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1177841914375 O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1178892536171 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) - O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe dernier logiciel installer : dream chronicles deluxe ???? douteux ou pas, merci et a ++++
  14. fifi29

    antivir

    fifi29 a répondu à un(e) sujet de fifi29 dans Analyses et éradication malwares

    salut zonk , voici ce que met antivir pour les rootkits http://hiboox.com/lang-fr/image.php?img=yc4n7gt4.gif , ils sont bien cochés pour le C et leD. et j'ai activer scan master boot sector. je vais refaire un scan pour voir la différence , a ++++
  15. fifi29

    antivir

    fifi29 a répondu à un(e) sujet de fifi29 dans Analyses et éradication malwares

    ok zonk et a ++++
  16. fifi29
    bonjour a tous , comme beaucoup j'ai virer avast pour antivir, dont voici le rapport AntiVir PersonalEdition Classic Report file date: dimanche 9 décembre 2007 23:35 Scanning for 963523 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 22:22:51 ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 22:22:51 ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 22:22:51 ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 22:22:51 AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 09/12/2007 22:22:52 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: D:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 9 décembre 2007 23:35 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned Scan process 'searchindexer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned Scan process 'PopTray.exe' - '1' Module(s) have been scanned Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned Scan process 'vdszixfnbk.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'VistaStartMenu.exe' - '1' Module(s) have been scanned Scan process 'a2service.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned Scan process 'soundman.exe' - '1' Module(s) have been scanned Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned Scan process 'ashDisp.exe' - '1' Module(s) have been scanned Scan process 'hphmon06.exe' - '1' Module(s) have been scanned Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned Scan process 'ps2.EXE' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ashServ.exe' - '1' Module(s) have been scanned Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 47 processes with 47 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '27' files ). Starting the file scan: Begin scan in 'C:\' <HP_PAVILION> C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Zango3.zip [DETECTION] Contains suspicious code GEN/PwdZIP [iNFO] The file was moved to '47ca6f4a.qua'! Begin scan in 'D:\' <HP_RECOVERY> End of the scan: lundi 10 décembre 2007 01:33 Used time: 1:58:21 min The scan has been done completely. 14449 Scanning directories 705035 Files were scanned 0 viruses and/or unwanted programs were found 1 Files were classified as suspicious: 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 705035 Files not concerned 19803 Archives were scanned 2 Warnings 126 Notes pourriez vous me donnez votre avis sur ce rapport. de plus un bon point positif a antivir , j'ai un démarrage plus rapide de mon pc. comme quoi avast devait etre vraiment lourd.merci et a ++++
  17. fifi29
    salut zazazozou, un lien sur lequel tu trouveras peut etre ton bonheur: http://www.arobase.org/oe/ Impossible d'ouvrir une pièce jointe dans Outlook Express : L'erreur suivante apparaîtra : "Outlook Express a supprimé l'accès aux pièces jointes suivantes de votre message électronique jugées non fiables : Famille ZIP." Cliquez sur Outils/Options, puis sur l'onglet Sécurité. Décochez la case Ne pas autoriser l'ouverture ou l'enregistrement de pièces jointes susceptibles de contenir un virus.si çà peut aider, a ++++
  18. fifi29

    configuration

    fifi29 a répondu à un(e) sujet de dom0609 dans Internet & Réseaux

    salut dom0609 , voici un tuto pour thunderbird : http://www.tutopat.com/viewtopic.php?t=630 et pour outlook: http://www.tutopat.com/viewtopic.php?t=3095 a++++
  19. fifi29
    re , voila c'est refait , mais ceux -ci non pas été pris: regsvr32.exe acelpdec.ax regsvr32.exe psisrndr.ax regsvr32.exe iac25_32.ax regsvr32.exe ir50_32.dll regsvr32.exe ivfsrc.ax regsvr32.exe l3codecx.ax regsvr32.exe wmmfilt.dll regsvr32.exe msadds.ax loadlibrary("acelpdex.ax") a échoué- le module spécifié est introuvable pourquoi je ne sais pas a ++
  20. fifi29
    bonjour ogu , hélas non ,j'ai laisser le /s , car je l'ai fait en copier /coller . je vais donc recommencer , et encore merci , a ++++
  21. fifi29
    salut ogu , c'est fait mais je n'ai eu aucune fenetre qui c'est ouverte , mais je pense que çà a du fonctionner.a ++++
  22. fifi29
    bonsoir a tous , sans oublier une maj (mise a jour) régulière pour éviter certain soucis, http://www.malekal.com/scan_vulnerabilite.php et pour secuser.com: http://www.secuser.com/ et pour la sécu il y a : http://ipl001.gm.free.fr/Espace_Securite.html a ++++
  23. fifi29
    bonsoir ogu , ok et merci , mais je verrais cela demain ( car beaucoup a faire manuellement ) et je te tiens au courant ,bonne soirée et a ++++
  24. fifi29
    salut ogu , je n'ai pas de fenetre noire d'invite de commande qui apparait , comment faire et encore merci. a ++++
  25. fifi29
    bonjour a tous , le .bat me donne ceci : regsvr32.exe /s quartz.dll regsvr32.exe /s wmpasf.dll regsvr32.exe /s acelpdec.ax regsvr32.exe /s qcap.dll regsvr32.exe /s psisrndr.ax regsvr32.exe /s qdv.dll regsvr32.exe /s qdvd.dll regsvr32.exe /s g711codc.ax regsvr32.exe /s iac25_32.ax regsvr32.exe /s ir50_32.dll regsvr32.exe /s ivfsrc.ax regsvr32.exe /s msscds32.ax regsvr32.exe /s l3codecx.ax regsvr32.exe /s mpg2splt.ax regsvr32.exe /s mpeg2data.ax regsvr32.exe /s sbe.dll regsvr32.exe /s qedit.dll regsvr32.exe /s wmmfilt.dll regsvr32.exe /s vbisurf.ax regsvr32.exe /s wiasf.ax regsvr32.exe /s msadds.ax regsvr32.exe /s wmv8ds32.ax regsvr32.exe /s wmvds32.ax regsvr32.exe /s qasf.dll regsvr32.exe /s wstdecod.dll mais que faire de ce fichier, l'enregistrer ou ? merci et a ++++
×
×
  • Créer...