Aller au contenu

Gildas Ar Breizh

Membres
  • Compteur de contenus

    65
  • Inscription

  • Dernière visite

À propos de Gildas Ar Breizh

  • Date de naissance 08/09/1977

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Sexe
    Male
  • Localisation
    Bretagne (35) BzH
  • Intérêts
    Internet

Autres informations

  • Mes langues
    francais

Visiteurs récents du profil

2 445 visualisations du profil

Gildas Ar Breizh's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. Impeccable MERCI et bonne journée Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:49, on 04/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\VisualTaskTips\VisualTaskTips.exe C:\Program Files\Taskix\Taskix32.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HPQ\shared\hpqwmi.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VisualTaskTips] "C:\Program Files\VisualTaskTips\VisualTaskTips.exe" O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\VistaDriveStatus\vsdrv.exe O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 4953 bytes
  2. Bonjour, J'aimerai effacer ceci: O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (eventuellement faisable avec "Starter") et ceci: O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe PROPREMENT svp merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:26, on 04/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\VisualTaskTips\VisualTaskTips.exe C:\Program Files\Taskix\Taskix32.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\HPQ\shared\hpqwmi.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VisualTaskTips] "C:\Program Files\VisualTaskTips\VisualTaskTips.exe" O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\VistaDriveStatus\vsdrv.exe O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 5203 bytes
  3. Effectivement les logiciels de P2P ralentissent le demarrage, d'autant que souvent ils modifient la taille du cache La messagerie au demarrage est egalement une source de ralentissement (est-elle utile au demarrage, ne vaut-il pas mieu attendre que l'anti-virus soit en route) Consomme beaucoup de ram: D:\PROGRA~1\SPYBOT~1\SDHelper.dll En 512Mo, je me le permet pas (as-tu assez de ram ?) D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe S'il monte un lecteur virtuel au demarrage cela augmente cette procedure La plupart de tes programmes sont sur "D:\" ! Si le ralentissement est soudain: http://www.zebulon.fr/astuces/130-windows-...ement-lent.html
  4. MERCI Mais n'y a-t-il pas des logiciels genre "Zeb-Protect", qui permettrai de les fermés en un clic (surtout afin de ne pas se tromper)
  5. MERCI C'était deja fait HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug Effacé, mais toujours present dans CCleaner "C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Dr Watson\user.dmp 70,03KB" "user.dmp 70,03KB" Effacé avec Shredder ; ok La ligne n'est plus MERCI pour tout
  6. Bonsoir, Petite precition le processeur est de 3Ghz Sinon oui, il m'est vendu avec licence (d'entreprise), plus CD original Ma question etait surtout que faire avant d'allez sur le net prendre les MAJ (bloquer certain port, avec quel logiciel,etc...) Et que faire une fois en ligne
  7. MERCI Effectivement je voulais dire "envahi" Ca marche correctement, Si ce n'est que je suis ralenti, vu que les manipulations effectuées ont fragmenté mon DD, mais cela reviendra J'ai omis de copier le rapport et ai fait "supprimé" directement Il y avait ~7 lignes dont 3 pour HJT 6 mois, quand meme, que je cherche sur la toile qu'elle etait cette entrée sans resultat Je ne serai jamais d'ou elle venait Maintenant quelle est effacé je peux demarrer en (msonfig) mode normal sans etre envahi de pub et d'alertes tentatives d'intrutions Pourquoi ai-je tout le temps cette ligne dans CCleaner ? "C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Dr Watson\user.dmp 70,03KB" Est-ce normal ? Elle est toujours de la meme taille OK pour msn J'ignorai qu'il fallait le faire pour chaque compte en etant connecté Que dois-je faire au sujet de la console de recuperation que j'ai desormais au demarage (je l'ai créer suvant le modele du tuto de "ComboFix" Et encore MERCI
  8. BONJOUR, J'ai commandé un nouveau PC UC Win XP Pro SP2 1Go PC3200 carte video X1950 Pro ecran 17" Hyundai Il a 2 ans c'est une occasion de cybercafé Il me sera livré le 10 mars entierement reformaté J'aurai voulu savoir quel sont les premieres manipulations a effectuer dessus Quel anti-virus et autres me conseilleriez vous en gratuit ou a l'essai
  9. Mon lecteur "C:\" commence a etre envi, que faut il enlever ? http://img504.imageshack.us/my.php?image=2...02181745ts1.jpg
  10. ok l'entrée a disparu CFScript effectuer en mode diagnostique (le fichier txt a disparu de mon bureau lorsque je l'ai glisser sur ComboFix) ComboFix 08-03-01.3 - Jerome 2008-03-02 17:17:48.3 - NTFSx86 Endroit: C:\Documents and Settings\Jerome.JEROME-69F6ED99\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Jerome.JEROME-69F6ED99\Bureau\CFScript.txt FILE :: C:\WINDOWS0001_.tmp . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-02 to 2008-03-02 )))))))))))))))))))))))))))))))))))) . 2008-03-02 16:21 . 2008-03-02 16:21 <REP> d-------- C:\WINDOWS\ERUNT 2008-03-02 16:12 . 2008-03-02 16:50 <REP> d-------- C:\SDFix 2008-03-02 16:05 . 2008-03-02 16:10 <REP> d-------- C:\Lop SD 2008-03-02 14:16 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-03-02 13:44 . 2008-03-02 13:44 9,191,818 --a------ C:\upload_moi_JEROME.tar.gz 2008-03-02 01:27 . 2008-03-02 01:27 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-02 01:27 . 2008-03-02 01:27 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab 2008-02-29 16:14 . 2008-02-29 16:14 <REP> d-------- C:\Program Files\Teamspeak2_RC2 2008-02-29 16:09 . 2008-02-29 16:09 <REP> d-------- C:\Program Files\GUILD WARS 2008-02-29 15:51 . 2008-03-01 22:50 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-02-28 17:18 . 2008-02-28 17:19 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-02-28 02:20 . 2008-02-28 02:20 161 --a------ C:\WINDOWS\MyDrivers.ini 2008-02-26 01:45 . 2008-02-26 01:45 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Nero 2008-02-26 01:39 . 2008-02-28 02:22 <REP> d-------- C:\Program Files\Nero 2008-02-26 01:39 . 2008-02-26 01:43 <REP> d-------- C:\Program Files\Fichiers communs\Nero 2008-02-26 01:39 . 2008-02-26 01:39 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2008-02-25 23:33 . 2008-02-25 23:33 <REP> d-------- C:\Program Files\ESET 2008-02-25 22:46 . 2008-02-25 23:02 125 --a------ C:\ioSpecial.ini 2008-02-25 22:03 . 2008-02-29 20:16 <REP> d-------- C:\Program Files\ma-config.com 2008-02-25 22:01 . 2008-02-25 22:01 <REP> d--h----- C:\WINDOWS\PIF 2008-02-25 17:18 . 2008-02-25 17:18 51 --a------ C:\WINDOWS\pccillin.ini 2008-02-25 14:38 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg 2008-02-25 12:04 . 2008-02-25 15:14 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2008-02-25 11:36 . 2008-02-25 17:28 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro 2008-02-25 10:54 . 2008-02-25 10:54 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\FastStone 2008-02-25 10:51 . 2008-02-25 10:51 <REP> d-------- C:\Program Files\Virtual CDRom 2008-02-25 10:51 . 2008-02-28 21:47 <REP> d-------- C:\Program Files\IrfanView 2008-02-25 10:51 . 2008-02-25 10:51 <REP> d-------- C:\Program Files\FastStone Capture 2008-02-25 10:51 . 2008-02-25 10:51 39,859 --a------ C:\WINDOWS\system32\UnIfs.exe 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\WinRoll 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\VisualTaskTips 2008-02-25 10:41 . 2008-02-25 10:48 <REP> d-------- C:\Program Files\VistaDriveStatus 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\TransBar 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\Taskix 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\LClock 2008-02-25 09:47 . 2008-02-25 09:47 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\ESET 2008-02-25 09:39 . 2008-02-25 09:39 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET 2008-02-25 07:57 . 2008-02-25 07:57 <REP> d-------- C:\Program Files\PowerQuest 2008-02-24 09:02 . 2008-02-24 09:02 36 --a------ C:\WINDOWS\DaemonPlugin.INI 2008-02-24 08:46 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\WTInstaller 2008-02-24 06:24 . 2008-02-24 06:24 <REP> d-------- C:\Program Files\DAEMON Tools 2008-02-24 06:20 . 2008-02-24 09:02 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\DAEMON Tools 2008-02-24 06:14 . 2008-02-24 06:14 <REP> d-------- C:\WINDOWS\system32\dumps 2008-02-24 03:52 . 2008-02-24 03:52 3,934 --a------ C:\WINDOWS\Ascd_tmp.ini 2008-02-24 03:51 . 2000-03-29 15:17 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2008-02-23 17:24 . 2008-02-24 02:55 249,856 --------- C:\WINDOWS\Setup1.exe 2008-02-23 17:24 . 2008-02-24 02:55 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-02-23 09:26 . 2008-02-25 22:45 <REP> d-------- C:\Downloads 2008-02-23 08:55 . 2008-02-23 08:55 32 --a------ C:\WINDOWS\go 2008-02-23 07:00 . 2008-02-23 07:00 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\DAEMON Tools Pro 2008-02-23 07:00 . 2008-02-23 07:00 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DAEMON Tools Pro 2008-02-23 05:50 . 2008-02-23 05:51 <REP> d--h----- C:\WINDOWS\msdownld.tmp 2008-02-23 05:50 . 2008-02-25 11:05 <REP> d-------- C:\Program Files\Google 2008-02-22 12:55 . 2008-02-22 12:55 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-02-22 12:54 . 2008-02-22 12:54 <REP> d-------- C:\Program Files\Windows Live 2008-02-22 12:53 . 2008-02-22 12:53 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller 2008-02-21 02:15 . 2008-02-21 02:15 <REP> d-------- C:\Program Files\Microsoft Works 2008-02-21 02:12 . 2008-02-21 02:12 <REP> d-------- C:\Program Files\Microsoft.NET 2008-02-21 02:09 . 2008-02-21 02:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2008-02-21 02:07 . 2008-02-21 02:14 <REP> d-------- C:\WINDOWS\SHELLNEW 2008-02-21 02:04 . 2008-03-02 00:16 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help 2008-02-21 02:03 . 2008-02-21 02:03 <REP> dr-h----- C:\MSOCache 2008-02-20 08:14 . 2008-02-20 08:14 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-02-20 08:10 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\000001_.tmp 2008-02-20 06:41 . 2008-02-25 13:59 <REP> d-------- C:\WINDOWS\SxsCaPendDel 2008-02-20 03:52 . 2008-02-20 03:52 268 --ah----- C:\sqmdata08.sqm 2008-02-20 03:52 . 2008-02-20 03:52 244 --ah----- C:\sqmnoopt08.sqm 2008-02-20 02:54 . 2008-02-20 02:54 268 --ah----- C:\sqmdata07.sqm 2008-02-20 02:54 . 2008-02-20 02:54 244 --ah----- C:\sqmnoopt07.sqm 2008-02-19 23:16 . 2008-02-19 23:16 268 --ah----- C:\sqmdata06.sqm 2008-02-19 23:16 . 2008-02-19 23:16 244 --ah----- C:\sqmnoopt06.sqm 2008-02-19 21:39 . 2008-02-25 10:21 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg8 2008-02-18 13:25 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-02-18 13:25 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-02-18 08:08 . 2008-02-18 08:08 44 --a------ C:\WINDOWS\SMWizard.INI 2008-02-18 07:36 . 2008-02-18 19:03 <REP> d-------- C:\Program Files\Free Download Manager 2008-02-18 07:36 . 2008-02-25 23:23 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Free Download Manager 2008-02-18 07:36 . 2008-02-18 07:36 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeDownloadManager.ORG 2008-02-17 11:11 . 2008-02-17 11:11 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\SmartFTP 2008-02-16 14:04 . 2008-02-16 14:04 754 --a------ C:\WINDOWS\WORDPAD.INI 2008-02-16 09:16 . 2008-02-25 15:41 121 --a------ C:\WINDOWS\bdagent.INI 2008-02-16 08:14 . 2008-02-16 08:14 <REP> d-------- C:\Documents and Settings\LocalService.AUTORITE NT\Menu Démarrer 2008-02-16 06:56 . 2008-02-16 06:56 <REP> d--hs---- C:\Diskeeper 2008-02-16 06:01 . 2008-03-01 18:51 <REP> d-------- C:\WINDOWS\BDOSCAN8 2008-02-16 01:29 . 2008-02-19 21:23 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira 2008-02-15 16:52 . 2008-02-15 16:52 <REP> d-------- C:\Program Files\Diskeeper Corporation 2008-02-15 16:52 . 2008-02-15 16:52 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation 2008-02-14 20:37 . 2008-02-25 16:55 <REP> d-------- C:\Program Files\Trend Micro 2008-02-14 02:28 . 2008-02-14 02:31 679 --a------ C:\WINDOWS\wininit.ini 2008-02-13 20:40 . 2008-02-16 08:46 <REP> d-------- C:\MFT 2503 2008-02-13 07:50 . 2008-02-13 07:50 <REP> d-------- C:\Documents and Settings\Administrateur.JEROME\Application Data\TuneUp Software 2008-02-13 05:31 . 2008-02-13 05:31 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe 2008-02-13 05:31 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-02-13 05:30 . 2008-02-15 15:44 <REP> d-------- C:\Program Files\TuneUp Utilities 2008 2008-02-13 03:10 . 2008-02-13 03:10 <REP> d-------- C:\WINDOWS\IconsInUse 2008-02-13 02:38 . 2008-02-13 02:42 <REP> d-------- C:\Program Files\HDGraph 2008-02-08 17:14 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-02-08 17:14 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-02-05 18:54 . 2008-02-05 18:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft 2008-02-05 18:25 . 2008-02-25 11:12 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-02 15:56 22,528 -c--a-w C:\WINDOWS\system32\drivers\nhcDriver.sys 2008-03-02 13:16 --------- d-----w C:\Program Files\Java 2008-03-02 12:20 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\utorrent 2008-02-25 21:04 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\ma-config.com 2008-02-25 20:59 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-25 19:03 --------- d-----w C:\Program Files\WinamaxPoker 2008-02-25 17:06 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Microgaming 2008-02-25 09:48 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-02-25 04:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer 2008-02-25 00:22 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-02-25 00:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-24 05:12 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-02-23 02:51 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-02-21 01:14 --------- d-----w C:\Program Files\MSBuild 2008-02-18 12:32 --------- d-----w C:\Program Files\MSECache 2008-02-16 03:02 --------- d-----w C:\Program Files\MSN Messenger 2008-02-13 04:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software 2008-02-01 08:50 245,760 ----a-w C:\WINDOWS\system32\JkDefragScreenSaver.exe 2008-02-01 08:50 110,592 ----a-w C:\WINDOWS\system32\JkDefragScreenSaver.scr 2008-01-30 11:38 71,176 ----a-w C:\WINDOWS\system32\drivers\epfw.sys 2008-01-30 11:38 54,280 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys 2008-01-30 11:38 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys 2008-01-30 11:35 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys 2008-01-30 11:35 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys 2008-01-15 19:47 --------- d-----w C:\Documents and Settings\Administrateur.JEROME\Application Data\Lavasoft 2008-01-10 17:29 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Samsung 2008-01-07 03:00 --------- d-----w C:\Program Files\UltraStar 2008-01-07 00:13 --------- d-----w C:\Program Files\Winamp 2007-12-13 18:09 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe 2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-06 13:05 108,144 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE 2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-12-04 08:59 972,072 ----a-w C:\WINDOWS\UNRecode.exe 2007-12-03 17:04 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll 2006-12-02 14:25 853 -c--a-w C:\Documents and Settings\Jerome.JEROME-69F6ED99\reboot.cmd 2007-11-25 00:00 80 -csh--r C:\WINDOWS\system32\F29DB264E0.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-19 16:10 160768] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoResolveSearch"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSimpleStartMenu"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] --a--c--- 2005-02-08 17:38 159744 C:\Program Files\Apoint2K\Apoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2004-08-19 16:09 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui] --a------ 2008-01-30 12:37 1443072 C:\Program Files\ESET\ESET Smart Security\egui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] --a------ 2005-04-11 15:21 794624 C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl] --a------ 2007-05-04 01:33 2629632 C:\Program Files\Notebook Hardware Control\nhc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a--c--- 2004-10-14 08:11 1388544 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Taskix] --a------ 2007-01-25 21:33 65536 C:\Program Files\Taskix\Taskix32.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar] --a------ 2005-06-01 20:41 65536 C:\Program Files\TransBar\TransBar.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vistadrv] --a------ 2006-07-30 02:37 121089 C:\Program Files\VistaDriveStatus\vsdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips] --a------ 2007-09-05 18:20 36352 C:\Program Files\VisualTaskTips\VisualTaskTips.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avast! Web Scanner"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "avast! Antivirus"=2 (0x2) "aswUpdSv"=2 (0x2) "xmlprov"=3 (0x3) "WZCSVC"=2 (0x2) "WudfSvc"=2 (0x2) "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "WmiApSrv"=3 (0x3) "WmdmPmSN"=3 (0x3) "WLSetupSvc"=3 (0x3) "winmgmt"=2 (0x2) "WebClient"=2 (0x2) "W32Time"=2 (0x2) "VSS"=3 (0x3) "UxTuneUp"=2 (0x2) "usnjsvc"=3 (0x3) "UPS"=3 (0x3) "TuneUp.Defrag"=3 (0x3) "TrkWks"=2 (0x2) "Themes"=2 (0x2) "TapiSrv"=3 (0x3) "SysmonLog"=3 (0x3) "SwPrv"=3 (0x3) "srservice"=2 (0x2) "SoundMAX Agent Service (default)"=2 (0x2) "ShellHWDetection"=2 (0x2) "SharedAccess"=2 (0x2) "Schedule"=2 (0x2) "SCardSvr"=3 (0x3) "SamSs"=2 (0x2) "RSVP"=3 (0x3) "RDSessMgr"=3 (0x3) "RasMan"=3 (0x3) "RasAuto"=3 (0x3) "ProtectedStorage"=2 (0x2) "PolicyAgent"=2 (0x2) "PlugPlay"=2 (0x2) "ose"=3 (0x3) "odserv"=3 (0x3) "NtmsSvc"=3 (0x3) "NtLmSsp"=3 (0x3) "Nla"=3 (0x3) "Netman"=3 (0x3) "Netlogon"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "MSIServer"=3 (0x3) "MSDTC"=3 (0x3) "mnmsrvc"=3 (0x3) "lanmanworkstation"=2 (0x2) "lanmanserver"=2 (0x2) "iPod Service"=3 (0x3) "ImapiService"=3 (0x3) "idsvc"=3 (0x3) "HTTPFilter"=3 (0x3) "hpqwmi"=3 (0x3) "helpsvc"=2 (0x2) "gusvc"=3 (0x3) "FontCache3.0.0.0"=3 (0x3) "Eventlog"=2 (0x2) "ERSvc"=2 (0x2) "ekrn"=2 (0x2) "EhttpSrv"=3 (0x3) "Dnscache"=2 (0x2) "dmserver"=3 (0x3) "dmadmin"=3 (0x3) "Diskeeper"=2 (0x2) "Dhcp"=2 (0x2) "CryptSvc"=3 (0x3) "clr_optimization_v2.0.50727_32"=2 (0x2) "ClipSrv"=3 (0x3) "CiSvc"=3 (0x3) "Browser"=3 (0x3) "BITS"=2 (0x2) "AudioSrv"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=3 (0x3) "ALG"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efe338e7-7653-11dc-a2d1-000ae4d4acb8}] \Shell\AutoRun\command - E:\TOTALCMD\TOTALCMD.EXE \Shell\read\command - notepad.exe autorun.inf \Shell\start\command - E:\TOTALCMD\TOTALCMD.EXE \Shell\start1\command - siw\siw.exe \Shell\start2\command - PowerMenu_150_FR\PowerMenu.exe \Shell\start3\command - E:\_Divers\procexp.exe \Shell\start4\command - hijackthis\HijackThis.exe \Shell\start5\command - CCTASK\CCTASK.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 17:20:07 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-03-02 17:21:25 ComboFix-quarantined-files.txt 2008-03-02 16:21:08 ComboFix2.txt 2008-03-02 15:02:09 ComboFix3.txt 2008-03-02 14:29:52 . 2008-03-01 23:18:17 --- E O F ---
  11. Pas sur qu'il est fonctionné car planté 2 fois a cause de la chauffe Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 16:47:25 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:41,84,3f,a3,d9,93,21,81,9d,ca,66,72,d5,ac,f0,54,c6,80,9a,7b,3c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "a0"=hex:20,01,00,00,cf,17,f3,42,b4,89,30,9c,23,c5,a3,fa,31,45,d8,89,11,.. "khjeh"=hex:ce,12,28,34,24,1e,3a,50,5f,44,61,cf,e9,cd,97,e9,30,5a,22,cd,ab,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:07,1b,cc,37,a0,ea,ea,89,98,3c,c5,a5,66,cc,56,b4,5a,51,f2,b2,9b,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf41] "khjeh"=hex:6c,55,dc,40,34,f2,f3,80,83,c2,21,b2,98,4d,e6,17,85,6d,f0,22,16,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "p0"="C:\Program Files\DAEMON Tools Pro\" "h0"=dword:00000001 "hdf12"=hex:9e,5c,87,85,62,f7,8b,a6,11,84,2a,5a,80,99,43,e9,9a,5f,e6,8e,13,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC000001] "a0"=hex:20,01,00,00,90,f4,6d,32,6e,75,af,16,08,e8,a6,34,44,d1,1f,75,c6,.. "hdf12"=hex:8c,5b,a4,ca,b6,22,1b,9a,53,d3,ab,bb,36,97,20,4c,b9,0c,e9,bd,23,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC000001\gdq0] "hdf12"=hex:9a,1d,54,b7,56,90,59,2b,02,02,30,a6,41,05,cd,03,68,f7,8f,fe,15,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:39,4d,40,db,c4,d8,25,fa,f8,68,a4,79,e0,05,1f,89,90,43,dd,df,44,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "khjeh"=hex:a6,94,ea,0f,ec,c5,a5,cf,2f,8e,1c,cf,09,3d,80,d8,b4,e9,b8,d7,1a,.. "a0"=hex:20,01,00,00,8c,d9,67,3d,3d,fa,2b,38,ac,45,53,d5,90,cf,da,3c,82,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:03,1a,b1,99,1c,51,36,85,9f,77,b2,5a,2a,53,44,59,30,98,27,75,f2,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf41] "khjeh"=hex:6c,55,dc,40,34,f2,f3,80,83,c2,21,b2,98,4d,e6,17,85,6d,f0,22,16,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "p0"="C:\Program Files\DAEMON Tools Pro\" "h0"=dword:00000001 "hdf12"=hex:9e,5c,87,85,62,f7,8b,a6,11,84,2a,5a,80,99,43,e9,9a,5f,e6,8e,13,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC000001] "a0"=hex:20,01,00,00,90,f4,6d,32,6e,75,af,16,08,e8,a6,34,44,d1,1f,75,c6,.. "hdf12"=hex:8c,5b,a4,ca,b6,22,1b,9a,53,d3,ab,bb,36,97,20,4c,b9,0c,e9,bd,23,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC000001\gdq0] "hdf12"=hex:9a,1d,54,b7,56,90,59,2b,02,02,30,a6,41,05,cd,03,68,f7,8f,fe,15,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:39,4d,40,db,c4,d8,25,fa,f8,68,a4,79,e0,05,1f,89,90,43,dd,df,44,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "khjeh"=hex:a6,94,ea,0f,ec,c5,a5,cf,2f,8e,1c,cf,09,3d,80,d8,b4,e9,b8,d7,1a,.. "a0"=hex:20,01,00,00,8c,d9,67,3d,3d,fa,2b,38,ac,45,53,d5,90,cf,da,3c,82,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:03,1a,b1,99,1c,51,36,85,9f,77,b2,5a,2a,53,44,59,30,98,27,75,f2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf41] "khjeh"=hex:6c,55,dc,40,34,f2,f3,80,83,c2,21,b2,98,4d,e6,17,85,6d,f0,22,16,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:f7,8d,3d,56,c7,37,f4,47,be,34,54,37,d9,4f,6c,a9,1a,fa,fe,76,a6,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001] "a0"=hex:20,01,00,00,cf,17,f3,42,b4,89,30,9c,23,c5,a3,fa,31,45,d8,89,11,.. "khjeh"=hex:80,b5,65,1f,e2,03,d0,4d,9c,9e,60,a2,7f,1a,41,3a,9b,8a,ae,ba,18,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf40] "khjeh"=hex:4e,c1,4c,f4,34,74,0d,49,b6,c0,b8,b7,6b,de,c1,d1,7e,72,33,6e,8c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4000001Jf41] "khjeh"=hex:6c,55,dc,40,34,f2,f3,80,83,c2,21,b2,98,4d,e6,17,85,6d,f0,22,16,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files : Files with Hidden Attributes : Mon 7 Jan 2008 352 A..H. --- "C:\WINDOWS\nod32fixtemdono.reg" Thu 19 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe" Thu 19 Aug 2004 4,639 A.SH. --- "C:\Program Files\Windows Media Player\mplayer2.exe" Fri 3 Nov 2006 64,000 A.SH. --- "C:\Program Files\Windows Media Player\wmplayer.exe" Mon 24 Dec 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\DRMv1.bak" Fri 5 Oct 2007 348,160 A.SH. --- "C:\Documents and Settings\Jerome.JEROME-69F6ED99\Bureau\clef usb\msvcr71.dll" Mon 18 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4633c51c90c17af214c8eeab40b9fcf4\BITA.tmp" Wed 20 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f8ec741c57b58a534cd55e8f0ca69e79\BIT1.tmp" Finished!
  12. scan en mode diagnostic option 2: -----------------------------[ Lop S&D 4.0.2 ]--------------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Jerome ] [ "C:\Lop SD" ] [ 02/03/2008 | 16:09:20,96 ] [ PC : JEROME ] [ MAJ : 30-02-2008 | 00:12 ] //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ -------------[ Listing des dossiers dans Application Data ]------------ [08/12/2007|17:36] C:\DOCUME~1\Administrateur\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\Administrateur\APPLIC~1\.. [07/10/2007|19:49] C:\DOCUME~1\Administrateur\APPLIC~1\desktop.ini [07/10/2007|17:55] C:\DOCUME~1\Administrateur\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.. [07/10/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [07/10/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\. [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.. [16/02/2008|05:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\addr_file.html [20/02/2008|22:48] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe [11/10/2007|16:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple [25/02/2008|05:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer [25/02/2008|10:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg8 [19/02/2008|21:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira [23/02/2008|07:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DAEMON Tools Pro [09/10/2007|13:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini [15/02/2008|16:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Diskeeper Corporation [25/02/2008|09:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ESET [18/02/2008|07:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FreeDownloadManager.ORG [23/02/2008|05:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google [09/10/2007|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\hpqwmi [09/10/2007|12:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab [22/01/2008|18:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\LauncherAccess.dt [05/02/2008|18:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft [17/02/2008|17:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [02/03/2008|00:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help [26/02/2008|01:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero [11/10/2007|16:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\751 QTSBandwidthCache [09/10/2007|12:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [25/02/2008|01:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy [25/02/2008|01:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [25/02/2008|17:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Trend Micro [13/02/2008|05:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software [09/10/2007|20:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [22/02/2008|12:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.. [07/10/2007|16:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [07/10/2007|16:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.. [09/10/2007|13:16] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini [09/10/2007|11:32] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\Jerome\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\Jerome\APPLIC~1\.. [07/10/2007|19:49] C:\DOCUME~1\Jerome\APPLIC~1\desktop.ini [07/10/2007|17:55] C:\DOCUME~1\Jerome\APPLIC~1\Microsoft [25/02/2008|14:57] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\. [25/02/2008|14:57] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\.. [20/02/2008|16:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Adobe [09/10/2007|12:03] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Apple Computer [18/11/2007|00:15] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Azureus [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\BitTorrent [24/02/2008|09:02] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DAEMON Tools [23/02/2008|07:00] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DAEMON Tools Pro [09/10/2007|13:16] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\desktop.ini [25/11/2007|00:59] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DivX [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\dvdcss [25/02/2008|09:47] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ESET [25/02/2008|10:54] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\FastStone [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\FileZilla [25/02/2008|23:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Free Download Manager [11/10/2007|19:22] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Google [12/10/2007|14:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Help [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Identities [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\InterVideo [01/12/2007|01:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Lavasoft [06/12/2007|16:30] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Leadertech [08/12/2007|17:36] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ma-config(2).com [25/02/2008|22:04] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ma-config.com [09/10/2007|20:09] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Macromedia [10/11/2007|16:48] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Media Player Classic [25/02/2008|18:06] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Microgaming [21/02/2008|03:25] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Microsoft [26/02/2008|01:45] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Nero [11/10/2007|19:35] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\OpenArena [25/11/2007|05:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\PC Tools [10/01/2008|18:29] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Samsung [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Shareaza [17/02/2008|11:11] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\SmartFTP [06/12/2007|16:31] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Sonic [10/11/2007|13:07] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Sun [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\TaoUSign [25/12/2007|21:39] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\teamspeak2 [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\temp [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Thunderbird [17/11/2007|23:50] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\TuneUp Software [24/11/2007|19:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Uniblue [02/03/2008|13:20] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\utorrent [11/10/2007|16:07] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\vlc [11/10/2007|18:10] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Winamp [11/10/2007|16:44] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\WinRAR [08/12/2007|17:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.. [07/10/2007|17:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/02/2008|21:41] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\. [19/02/2008|21:41] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.. [25/02/2008|10:17] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.. [07/10/2007|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.. [25/02/2008|10:17] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [02/03/2008 15:55][--ah-c---] C:\WINDOWS\tasks\SA.DAT [05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [29/02/2008|16:14] C:\Program Files\. [29/02/2008|16:14] C:\Program Files\.. [07/10/2007|18:25] C:\Program Files\Adobe [01/03/2008|22:50] C:\Program Files\AIDA32 - Personal System Information [07/10/2007|18:35] C:\Program Files\Analog Devices [09/10/2007|21:27] C:\Program Files\Apoint2K [01/12/2007|17:35] C:\Program Files\CCleaner [23/11/2007|19:52] C:\Program Files\CodeStuff [07/10/2007|14:40] C:\Program Files\ComPlus Applications [24/02/2008|06:24] C:\Program Files\DAEMON Tools [15/02/2008|16:52] C:\Program Files\Diskeeper Corporation [07/12/2007|19:40] C:\Program Files\EA SPORTS [25/02/2008|23:33] C:\Program Files\ESET [25/02/2008|10:51] C:\Program Files\FastStone Capture [26/02/2008|01:39] C:\Program Files\Fichiers communs [18/02/2008|19:03] C:\Program Files\Free Download Manager [25/02/2008|11:05] C:\Program Files\Google [29/02/2008|16:09] C:\Program Files\GUILD WARS [13/02/2008|02:42] C:\Program Files\HDGraph [09/10/2007|12:00] C:\Program Files\Hewlett-Packard [09/10/2007|12:00] C:\Program Files\Hp [09/10/2007|12:11] C:\Program Files\HPQ [24/11/2007|20:09] C:\Program Files\inKline Global [25/02/2008|21:59] C:\Program Files\InstallShield Installation Information [08/12/2007|17:28] C:\Program Files\Intel [23/02/2008|18:03] C:\Program Files\Internet Explorer [09/10/2007|12:00] C:\Program Files\InterVideo [24/12/2007|15:43] C:\Program Files\iPod [28/02/2008|21:47] C:\Program Files\IrfanView [24/12/2007|15:43] C:\Program Files\iTunes [30/12/2007|18:18] C:\Program Files\IZArc [02/03/2008|14:16] C:\Program Files\Java [11/10/2007|18:00] C:\Program Files\K-Lite Codec Pack [08/12/2007|14:47] C:\Program Files\Lavalys [25/02/2008|10:41] C:\Program Files\LClock [29/02/2008|20:16] C:\Program Files\ma-config.com [20/02/2008|09:06] C:\Program Files\messenger [23/11/2007|21:48] C:\Program Files\microsoft frontpage [21/02/2008|02:14] C:\Program Files\Microsoft Office [21/02/2008|02:14] C:\Program Files\Microsoft Visual Studio [21/02/2008|02:09] C:\Program Files\Microsoft Visual Studio 8 [21/02/2008|02:15] C:\Program Files\Microsoft Works [21/02/2008|02:12] C:\Program Files\Microsoft.NET [20/02/2008|08:20] C:\Program Files\Movie Maker [21/02/2008|02:14] C:\Program Files\MSBuild [18/02/2008|13:32] C:\Program Files\MSECache [09/10/2007|11:28] C:\Program Files\MSN Gaming Zone [16/02/2008|04:02] C:\Program Files\MSN Messenger [07/12/2007|20:26] C:\Program Files\MSXML 4.0 [10/11/2007|12:21] C:\Program Files\MSXML 6.0 [28/02/2008|02:22] C:\Program Files\Nero [20/02/2008|08:14] C:\Program Files\NetMeeting [24/11/2007|00:06] C:\Program Files\Notebook Hardware Control [20/02/2008|08:14] C:\Program Files\Outlook Express [25/02/2008|07:57] C:\Program Files\PowerQuest [24/12/2007|15:40] C:\Program Files\QuickTime [09/10/2007|21:38] C:\Program Files\Reference Assemblies [09/10/2007|11:30] C:\Program Files\Services en ligne [09/10/2007|12:09] C:\Program Files\Sonic [10/12/2007|19:39] C:\Program Files\SystemRequirementsLab [25/02/2008|10:41] C:\Program Files\Taskix [29/02/2008|16:14] C:\Program Files\Teamspeak2_RC2 [25/02/2008|10:41] C:\Program Files\TransBar [25/02/2008|16:55] C:\Program Files\Trend Micro [15/02/2008|15:44] C:\Program Files\TuneUp Utilities 2008 [07/01/2008|04:00] C:\Program Files\UltraStar [09/10/2007|11:39] C:\Program Files\Uninstall Information [11/10/2007|18:11] C:\Program Files\uTorrent [08/12/2007|19:14] C:\Program Files\VIA [11/10/2007|16:06] C:\Program Files\VideoLAN [25/02/2008|10:51] C:\Program Files\Virtual CDRom [21/11/2007|17:52] C:\Program Files\Virtualis [25/02/2008|10:48] C:\Program Files\VistaDriveStatus [25/02/2008|10:41] C:\Program Files\VisualTaskTips [07/10/2007|18:38] C:\Program Files\WIDCOMM [25/02/2008|20:03] C:\Program Files\WinamaxPoker [07/01/2008|01:13] C:\Program Files\Winamp [22/02/2008|12:54] C:\Program Files\Windows Live [28/02/2008|17:19] C:\Program Files\Windows Live Safety Center [25/02/2008|10:48] C:\Program Files\Windows Media Connect 2 [28/02/2008|02:54] C:\Program Files\Windows Media Player [20/02/2008|08:14] C:\Program Files\Windows NT [09/10/2007|11:30] C:\Program Files\WindowsUpdate [25/02/2008|10:41] C:\Program Files\WinRoll [25/02/2008|10:41] C:\Program Files\WTInstaller [09/10/2007|11:33] C:\Program Files\xerox ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [26/02/2008|01:39] C:\Program Files\Fichiers communs\. [26/02/2008|01:39] C:\Program Files\Fichiers communs\.. [12/10/2007|14:20] C:\Program Files\Fichiers communs\Adobe [21/02/2008|02:14] C:\Program Files\Fichiers communs\DESIGNER [09/10/2007|12:09] C:\Program Files\Fichiers communs\InstallShield [07/10/2007|18:45] C:\Program Files\Fichiers communs\Java [02/03/2008|00:10] C:\Program Files\Fichiers communs\Microsoft Shared [07/10/2007|16:42] C:\Program Files\Fichiers communs\MSSoap [26/02/2008|01:43] C:\Program Files\Fichiers communs\Nero [01/12/2007|05:23] C:\Program Files\Fichiers communs\NSV [07/10/2007|16:14] C:\Program Files\Fichiers communs\ODBC [09/10/2007|11:30] C:\Program Files\Fichiers communs\Services [09/10/2007|12:06] C:\Program Files\Fichiers communs\Sonic Shared [07/10/2007|16:14] C:\Program Files\Fichiers communs\SpeechEngines [09/10/2007|12:09] C:\Program Files\Fichiers communs\SureThing Shared [23/02/2008|03:51] C:\Program Files\Fichiers communs\Symantec Shared [21/02/2008|02:08] C:\Program Files\Fichiers communs\System [09/10/2007|12:07] C:\Program Files\Fichiers communs\TiVo Shared [22/02/2008|12:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller [25/02/2008|11:12] C:\Program Files\Fichiers communs\Wise Installation Wizard ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- Aucun fichier / dossier Lop trouvé ! ----------------------[ Verification du Registre ]---------------------- ..... OK ! --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 16:09:51 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- Aucune autre infection trouvée ! /!\ [Fich:8][Doss:0] C:\DOCUME~1\JEROME~1.JER\Cookies /!\ [Fich:86][Doss:4] C:\DOCUME~1\JEROME~1.JER\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 16:10:06,10 ]----------------------
  13. scan en mode diagnostic: ComboFix 08-03-01.3 - Jerome 2008-03-02 15:58:50.2 - NTFSx86 Endroit: C:\Documents and Settings\Jerome.JEROME-69F6ED99\Bureau\ComboFix.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-02 to 2008-03-02 )))))))))))))))))))))))))))))))))))) . 2008-03-02 14:16 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-03-02 13:44 . 2008-03-02 13:44 9,191,818 --a------ C:\upload_moi_JEROME.tar.gz 2008-03-02 01:27 . 2008-03-02 01:27 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-02 01:27 . 2008-03-02 01:27 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab 2008-02-29 16:14 . 2008-02-29 16:14 <REP> d-------- C:\Program Files\Teamspeak2_RC2 2008-02-29 16:09 . 2008-02-29 16:09 <REP> d-------- C:\Program Files\GUILD WARS 2008-02-29 15:51 . 2008-03-01 22:50 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-02-28 17:18 . 2008-02-28 17:19 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-02-28 02:20 . 2008-02-28 02:20 161 --a------ C:\WINDOWS\MyDrivers.ini 2008-02-26 01:45 . 2008-02-26 01:45 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Nero 2008-02-26 01:39 . 2008-02-28 02:22 <REP> d-------- C:\Program Files\Nero 2008-02-26 01:39 . 2008-02-26 01:43 <REP> d-------- C:\Program Files\Fichiers communs\Nero 2008-02-26 01:39 . 2008-02-26 01:39 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2008-02-25 23:33 . 2008-02-25 23:33 <REP> d-------- C:\Program Files\ESET 2008-02-25 22:46 . 2008-02-25 23:02 125 --a------ C:\ioSpecial.ini 2008-02-25 22:03 . 2008-02-29 20:16 <REP> d-------- C:\Program Files\ma-config.com 2008-02-25 22:01 . 2008-02-25 22:01 <REP> d--h----- C:\WINDOWS\PIF 2008-02-25 17:18 . 2008-02-25 17:18 51 --a------ C:\WINDOWS\pccillin.ini 2008-02-25 14:38 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg 2008-02-25 12:04 . 2008-02-25 15:14 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2008-02-25 11:36 . 2008-02-25 17:28 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro 2008-02-25 10:54 . 2008-02-25 10:54 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\FastStone 2008-02-25 10:51 . 2008-02-25 10:51 <REP> d-------- C:\Program Files\Virtual CDRom 2008-02-25 10:51 . 2008-02-28 21:47 <REP> d-------- C:\Program Files\IrfanView 2008-02-25 10:51 . 2008-02-25 10:51 <REP> d-------- C:\Program Files\FastStone Capture 2008-02-25 10:51 . 2008-02-25 10:51 39,859 --a------ C:\WINDOWS\system32\UnIfs.exe 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\WinRoll 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\VisualTaskTips 2008-02-25 10:41 . 2008-02-25 10:48 <REP> d-------- C:\Program Files\VistaDriveStatus 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\TransBar 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\Taskix 2008-02-25 10:41 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\LClock 2008-02-25 09:47 . 2008-02-25 09:47 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\ESET 2008-02-25 09:39 . 2008-02-25 09:39 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET 2008-02-25 07:57 . 2008-02-25 07:57 <REP> d-------- C:\Program Files\PowerQuest 2008-02-24 09:02 . 2008-02-24 09:02 36 --a------ C:\WINDOWS\DaemonPlugin.INI 2008-02-24 08:46 . 2008-02-25 10:41 <REP> d-------- C:\Program Files\WTInstaller 2008-02-24 06:24 . 2008-02-24 06:24 <REP> d-------- C:\Program Files\DAEMON Tools 2008-02-24 06:20 . 2008-02-24 09:02 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\DAEMON Tools 2008-02-24 06:14 . 2008-02-24 06:14 <REP> d-------- C:\WINDOWS\system32\dumps 2008-02-24 03:52 . 2008-02-24 03:52 3,934 --a------ C:\WINDOWS\Ascd_tmp.ini 2008-02-24 03:51 . 2000-03-29 15:17 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2008-02-23 17:24 . 2008-02-24 02:55 249,856 --------- C:\WINDOWS\Setup1.exe 2008-02-23 17:24 . 2008-02-24 02:55 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-02-23 09:26 . 2008-02-25 22:45 <REP> d-------- C:\Downloads 2008-02-23 08:55 . 2008-02-23 08:55 32 --a------ C:\WINDOWS\go 2008-02-23 07:00 . 2008-02-23 07:00 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\DAEMON Tools Pro 2008-02-23 07:00 . 2008-02-23 07:00 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DAEMON Tools Pro 2008-02-23 05:50 . 2008-02-23 05:51 <REP> d--h----- C:\WINDOWS\msdownld.tmp 2008-02-23 05:50 . 2008-02-25 11:05 <REP> d-------- C:\Program Files\Google 2008-02-22 12:55 . 2008-02-22 12:55 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-02-22 12:54 . 2008-02-22 12:54 <REP> d-------- C:\Program Files\Windows Live 2008-02-22 12:53 . 2008-02-22 12:53 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller 2008-02-21 02:15 . 2008-02-21 02:15 <REP> d-------- C:\Program Files\Microsoft Works 2008-02-21 02:12 . 2008-02-21 02:12 <REP> d-------- C:\Program Files\Microsoft.NET 2008-02-21 02:09 . 2008-02-21 02:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2008-02-21 02:07 . 2008-02-21 02:14 <REP> d-------- C:\WINDOWS\SHELLNEW 2008-02-21 02:04 . 2008-03-02 00:16 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help 2008-02-21 02:03 . 2008-02-21 02:03 <REP> dr-h----- C:\MSOCache 2008-02-20 08:14 . 2008-02-20 08:14 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-02-20 08:10 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\000001_.tmp 2008-02-20 06:41 . 2008-02-25 13:59 <REP> d-------- C:\WINDOWS\SxsCaPendDel 2008-02-20 03:52 . 2008-02-20 03:52 268 --ah----- C:\sqmdata08.sqm 2008-02-20 03:52 . 2008-02-20 03:52 244 --ah----- C:\sqmnoopt08.sqm 2008-02-20 02:54 . 2008-02-20 02:54 268 --ah----- C:\sqmdata07.sqm 2008-02-20 02:54 . 2008-02-20 02:54 244 --ah----- C:\sqmnoopt07.sqm 2008-02-19 23:16 . 2008-02-19 23:16 268 --ah----- C:\sqmdata06.sqm 2008-02-19 23:16 . 2008-02-19 23:16 244 --ah----- C:\sqmnoopt06.sqm 2008-02-19 21:39 . 2008-02-25 10:21 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg8 2008-02-18 13:25 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-02-18 13:25 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-02-18 08:08 . 2008-02-18 08:08 44 --a------ C:\WINDOWS\SMWizard.INI 2008-02-18 07:36 . 2008-02-18 19:03 <REP> d-------- C:\Program Files\Free Download Manager 2008-02-18 07:36 . 2008-02-25 23:23 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Free Download Manager 2008-02-18 07:36 . 2008-02-18 07:36 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeDownloadManager.ORG 2008-02-17 11:11 . 2008-02-17 11:11 <REP> d-------- C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\SmartFTP 2008-02-16 14:04 . 2008-02-16 14:04 754 --a------ C:\WINDOWS\WORDPAD.INI 2008-02-16 09:16 . 2008-02-25 15:41 121 --a------ C:\WINDOWS\bdagent.INI 2008-02-16 08:14 . 2008-02-16 08:14 <REP> d-------- C:\Documents and Settings\LocalService.AUTORITE NT\Menu Démarrer 2008-02-16 06:56 . 2008-02-16 06:56 <REP> d--hs---- C:\Diskeeper 2008-02-16 06:01 . 2008-03-01 18:51 <REP> d-------- C:\WINDOWS\BDOSCAN8 2008-02-16 01:29 . 2008-02-19 21:23 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira 2008-02-15 16:52 . 2008-02-15 16:52 <REP> d-------- C:\Program Files\Diskeeper Corporation 2008-02-15 16:52 . 2008-02-15 16:52 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation 2008-02-14 20:37 . 2008-02-25 16:55 <REP> d-------- C:\Program Files\Trend Micro 2008-02-14 02:28 . 2008-02-14 02:31 679 --a------ C:\WINDOWS\wininit.ini 2008-02-13 20:40 . 2008-02-16 08:46 <REP> d-------- C:\MFT 2503 2008-02-13 07:50 . 2008-02-13 07:50 <REP> d-------- C:\Documents and Settings\Administrateur.JEROME\Application Data\TuneUp Software 2008-02-13 05:31 . 2008-02-13 05:31 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe 2008-02-13 05:31 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-02-13 05:30 . 2008-02-15 15:44 <REP> d-------- C:\Program Files\TuneUp Utilities 2008 2008-02-13 03:10 . 2008-02-13 03:10 <REP> d-------- C:\WINDOWS\IconsInUse 2008-02-13 02:38 . 2008-02-13 02:42 <REP> d-------- C:\Program Files\HDGraph 2008-02-08 17:14 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-02-08 17:14 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-02-05 18:54 . 2008-02-05 18:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft 2008-02-05 18:25 . 2008-02-25 11:12 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-02 14:34 22,528 -c--a-w C:\WINDOWS\system32\drivers\nhcDriver.sys 2008-03-02 13:16 --------- d-----w C:\Program Files\Java 2008-03-02 12:20 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\utorrent 2008-02-25 21:04 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\ma-config.com 2008-02-25 20:59 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-25 19:03 --------- d-----w C:\Program Files\WinamaxPoker 2008-02-25 17:06 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Microgaming 2008-02-25 09:48 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-02-25 04:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer 2008-02-25 00:22 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-02-25 00:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-24 05:12 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-02-23 02:51 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-02-21 01:14 --------- d-----w C:\Program Files\MSBuild 2008-02-18 12:32 --------- d-----w C:\Program Files\MSECache 2008-02-16 03:02 --------- d-----w C:\Program Files\MSN Messenger 2008-02-13 04:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software 2008-02-01 08:50 245,760 ----a-w C:\WINDOWS\system32\JkDefragScreenSaver.exe 2008-02-01 08:50 110,592 ----a-w C:\WINDOWS\system32\JkDefragScreenSaver.scr 2008-01-30 11:38 71,176 ----a-w C:\WINDOWS\system32\drivers\epfw.sys 2008-01-30 11:38 54,280 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys 2008-01-30 11:38 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys 2008-01-30 11:35 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys 2008-01-30 11:35 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys 2008-01-15 19:47 --------- d-----w C:\Documents and Settings\Administrateur.JEROME\Application Data\Lavasoft 2008-01-10 17:29 --------- d-----w C:\Documents and Settings\Jerome.JEROME-69F6ED99\Application Data\Samsung 2008-01-07 03:00 --------- d-----w C:\Program Files\UltraStar 2008-01-07 00:13 --------- d-----w C:\Program Files\Winamp 2007-12-13 18:09 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe 2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-06 13:05 108,144 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE 2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-12-04 08:59 972,072 ----a-w C:\WINDOWS\UNRecode.exe 2007-12-03 17:04 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll 2006-12-02 14:25 853 -c--a-w C:\Documents and Settings\Jerome.JEROME-69F6ED99\reboot.cmd 2007-11-25 00:00 80 -csh--r C:\WINDOWS\system32\F29DB264E0.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoResolveSearch"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSimpleStartMenu"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] --a--c--- 2005-02-08 17:38 159744 C:\Program Files\Apoint2K\Apoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2004-08-19 16:09 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui] --a------ 2008-01-30 12:37 1443072 C:\Program Files\ESET\ESET Smart Security\egui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] --a------ 2005-04-11 15:21 794624 C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kspkdcbfa] c:\documents and settings\jerome.jerome-69f6ed99\local settings\application data\kspkdcbfa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl] --a------ 2007-05-04 01:33 2629632 C:\Program Files\Notebook Hardware Control\nhc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] --a--c--- 2004-10-14 08:11 1388544 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Taskix] --a------ 2007-01-25 21:33 65536 C:\Program Files\Taskix\Taskix32.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar] --a------ 2005-06-01 20:41 65536 C:\Program Files\TransBar\TransBar.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vistadrv] --a------ 2006-07-30 02:37 121089 C:\Program Files\VistaDriveStatus\vsdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips] --a------ 2007-09-05 18:20 36352 C:\Program Files\VisualTaskTips\VisualTaskTips.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avast! Web Scanner"=3 (0x3) "avast! Mail Scanner"=3 (0x3) "avast! Antivirus"=2 (0x2) "aswUpdSv"=2 (0x2) "xmlprov"=3 (0x3) "WZCSVC"=2 (0x2) "WudfSvc"=2 (0x2) "wuauserv"=2 (0x2) "wscsvc"=2 (0x2) "WMPNetworkSvc"=3 (0x3) "WmiApSrv"=3 (0x3) "WmdmPmSN"=3 (0x3) "WLSetupSvc"=3 (0x3) "winmgmt"=2 (0x2) "WebClient"=2 (0x2) "W32Time"=2 (0x2) "VSS"=3 (0x3) "UxTuneUp"=2 (0x2) "usnjsvc"=3 (0x3) "UPS"=3 (0x3) "TuneUp.Defrag"=3 (0x3) "TrkWks"=2 (0x2) "Themes"=2 (0x2) "TapiSrv"=3 (0x3) "SysmonLog"=3 (0x3) "SwPrv"=3 (0x3) "srservice"=2 (0x2) "SoundMAX Agent Service (default)"=2 (0x2) "ShellHWDetection"=2 (0x2) "SharedAccess"=2 (0x2) "Schedule"=2 (0x2) "SCardSvr"=3 (0x3) "SamSs"=2 (0x2) "RSVP"=3 (0x3) "RDSessMgr"=3 (0x3) "RasMan"=3 (0x3) "RasAuto"=3 (0x3) "ProtectedStorage"=2 (0x2) "PolicyAgent"=2 (0x2) "PlugPlay"=2 (0x2) "ose"=3 (0x3) "odserv"=3 (0x3) "NtmsSvc"=3 (0x3) "NtLmSsp"=3 (0x3) "Nla"=3 (0x3) "Netman"=3 (0x3) "Netlogon"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "MSIServer"=3 (0x3) "MSDTC"=3 (0x3) "mnmsrvc"=3 (0x3) "lanmanworkstation"=2 (0x2) "lanmanserver"=2 (0x2) "iPod Service"=3 (0x3) "ImapiService"=3 (0x3) "idsvc"=3 (0x3) "HTTPFilter"=3 (0x3) "hpqwmi"=3 (0x3) "helpsvc"=2 (0x2) "gusvc"=3 (0x3) "FontCache3.0.0.0"=3 (0x3) "Eventlog"=2 (0x2) "ERSvc"=2 (0x2) "ekrn"=2 (0x2) "EhttpSrv"=3 (0x3) "Dnscache"=2 (0x2) "dmserver"=3 (0x3) "dmadmin"=3 (0x3) "Diskeeper"=2 (0x2) "Dhcp"=2 (0x2) "CryptSvc"=3 (0x3) "clr_optimization_v2.0.50727_32"=2 (0x2) "ClipSrv"=3 (0x3) "CiSvc"=3 (0x3) "Browser"=3 (0x3) "BITS"=2 (0x2) "AudioSrv"=2 (0x2) "aspnet_state"=3 (0x3) "AppMgmt"=3 (0x3) "ALG"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efe338e7-7653-11dc-a2d1-000ae4d4acb8}] \Shell\AutoRun\command - E:\TOTALCMD\TOTALCMD.EXE \Shell\read\command - notepad.exe autorun.inf \Shell\start\command - E:\TOTALCMD\TOTALCMD.EXE \Shell\start1\command - siw\siw.exe \Shell\start2\command - PowerMenu_150_FR\PowerMenu.exe \Shell\start3\command - E:\_Divers\procexp.exe \Shell\start4\command - hijackthis\HijackThis.exe \Shell\start5\command - CCTASK\CCTASK.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 16:01:04 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-03-02 16:02:08 ComboFix-quarantined-files.txt 2008-03-02 15:01:59 ComboFix2.txt 2008-03-02 14:29:52 . 2008-03-01 23:18:17 --- E O F --- option 1 en mode diagnostic: -----------------------------[ Lop S&D 4.0.2 ]--------------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Jerome ] [ "C:\Lop SD" ] [ 02/03/2008 | 16:06:50,39 ] [ PC : JEROME ] [ MAJ : 30-02-2008 | 00:12 ] -------------[ Listing des dossiers dans Application Data ]------------ [08/12/2007|17:36] C:\DOCUME~1\Administrateur\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\Administrateur\APPLIC~1\.. [07/10/2007|19:49] C:\DOCUME~1\Administrateur\APPLIC~1\desktop.ini [07/10/2007|17:55] C:\DOCUME~1\Administrateur\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.. [07/10/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [07/10/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\. [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.. [16/02/2008|05:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\addr_file.html [20/02/2008|22:48] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe [11/10/2007|16:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple [25/02/2008|05:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer [25/02/2008|10:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg8 [19/02/2008|21:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira [23/02/2008|07:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DAEMON Tools Pro [09/10/2007|13:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini [15/02/2008|16:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Diskeeper Corporation [25/02/2008|09:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ESET [18/02/2008|07:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FreeDownloadManager.ORG [23/02/2008|05:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google [09/10/2007|12:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\hpqwmi [09/10/2007|12:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield [02/03/2008|01:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab [22/01/2008|18:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\LauncherAccess.dt [05/02/2008|18:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft [17/02/2008|17:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [02/03/2008|00:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help [26/02/2008|01:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero [11/10/2007|16:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\751 QTSBandwidthCache [09/10/2007|12:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [25/02/2008|01:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy [25/02/2008|01:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [25/02/2008|17:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Trend Micro [13/02/2008|05:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software [09/10/2007|20:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [22/02/2008|12:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.. [07/10/2007|16:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [07/10/2007|16:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.. [09/10/2007|13:16] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini [09/10/2007|11:32] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\Jerome\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\Jerome\APPLIC~1\.. [07/10/2007|19:49] C:\DOCUME~1\Jerome\APPLIC~1\desktop.ini [07/10/2007|17:55] C:\DOCUME~1\Jerome\APPLIC~1\Microsoft [25/02/2008|14:57] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\. [25/02/2008|14:57] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\.. [20/02/2008|16:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Adobe [09/10/2007|12:03] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Apple Computer [18/11/2007|00:15] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Azureus [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\BitTorrent [24/02/2008|09:02] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DAEMON Tools [23/02/2008|07:00] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DAEMON Tools Pro [09/10/2007|13:16] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\desktop.ini [25/11/2007|00:59] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\DivX [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\dvdcss [25/02/2008|09:47] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ESET [25/02/2008|10:54] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\FastStone [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\FileZilla [25/02/2008|23:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Free Download Manager [11/10/2007|19:22] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Google [12/10/2007|14:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Help [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Identities [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\InterVideo [01/12/2007|01:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Lavasoft [06/12/2007|16:30] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Leadertech [08/12/2007|17:36] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ma-config(2).com [25/02/2008|22:04] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\ma-config.com [09/10/2007|20:09] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Macromedia [10/11/2007|16:48] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Media Player Classic [25/02/2008|18:06] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Microgaming [21/02/2008|03:25] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Microsoft [26/02/2008|01:45] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Nero [11/10/2007|19:35] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\OpenArena [25/11/2007|05:27] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\PC Tools [10/01/2008|18:29] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Samsung [09/10/2007|19:41] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Shareaza [17/02/2008|11:11] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\SmartFTP [06/12/2007|16:31] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Sonic [10/11/2007|13:07] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Sun [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\TaoUSign [25/12/2007|21:39] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\teamspeak2 [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\temp [09/10/2007|19:43] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Thunderbird [17/11/2007|23:50] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\TuneUp Software [24/11/2007|19:23] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Uniblue [02/03/2008|13:20] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\utorrent [11/10/2007|16:07] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\vlc [11/10/2007|18:10] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\Winamp [11/10/2007|16:44] C:\DOCUME~1\JEROME~1.JER\APPLIC~1\WinRAR [08/12/2007|17:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.. [07/10/2007|17:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/02/2008|21:41] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\. [19/02/2008|21:41] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.. [25/02/2008|10:17] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.. [07/10/2007|17:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\. [08/12/2007|17:36] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.. [25/02/2008|10:17] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [02/03/2008 15:55][--ah-c---] C:\WINDOWS\tasks\SA.DAT [05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [29/02/2008|16:14] C:\Program Files\. [29/02/2008|16:14] C:\Program Files\.. [07/10/2007|18:25] C:\Program Files\Adobe [01/03/2008|22:50] C:\Program Files\AIDA32 - Personal System Information [07/10/2007|18:35] C:\Program Files\Analog Devices [09/10/2007|21:27] C:\Program Files\Apoint2K [01/12/2007|17:35] C:\Program Files\CCleaner [23/11/2007|19:52] C:\Program Files\CodeStuff [07/10/2007|14:40] C:\Program Files\ComPlus Applications [24/02/2008|06:24] C:\Program Files\DAEMON Tools [15/02/2008|16:52] C:\Program Files\Diskeeper Corporation [07/12/2007|19:40] C:\Program Files\EA SPORTS [25/02/2008|23:33] C:\Program Files\ESET [25/02/2008|10:51] C:\Program Files\FastStone Capture [26/02/2008|01:39] C:\Program Files\Fichiers communs [18/02/2008|19:03] C:\Program Files\Free Download Manager [25/02/2008|11:05] C:\Program Files\Google [29/02/2008|16:09] C:\Program Files\GUILD WARS [13/02/2008|02:42] C:\Program Files\HDGraph [09/10/2007|12:00] C:\Program Files\Hewlett-Packard [09/10/2007|12:00] C:\Program Files\Hp [09/10/2007|12:11] C:\Program Files\HPQ [24/11/2007|20:09] C:\Program Files\inKline Global [25/02/2008|21:59] C:\Program Files\InstallShield Installation Information [08/12/2007|17:28] C:\Program Files\Intel [23/02/2008|18:03] C:\Program Files\Internet Explorer [09/10/2007|12:00] C:\Program Files\InterVideo [24/12/2007|15:43] C:\Program Files\iPod [28/02/2008|21:47] C:\Program Files\IrfanView [24/12/2007|15:43] C:\Program Files\iTunes [30/12/2007|18:18] C:\Program Files\IZArc [02/03/2008|14:16] C:\Program Files\Java [11/10/2007|18:00] C:\Program Files\K-Lite Codec Pack [08/12/2007|14:47] C:\Program Files\Lavalys [25/02/2008|10:41] C:\Program Files\LClock [29/02/2008|20:16] C:\Program Files\ma-config.com [20/02/2008|09:06] C:\Program Files\messenger [23/11/2007|21:48] C:\Program Files\microsoft frontpage [21/02/2008|02:14] C:\Program Files\Microsoft Office [21/02/2008|02:14] C:\Program Files\Microsoft Visual Studio [21/02/2008|02:09] C:\Program Files\Microsoft Visual Studio 8 [21/02/2008|02:15] C:\Program Files\Microsoft Works [21/02/2008|02:12] C:\Program Files\Microsoft.NET [20/02/2008|08:20] C:\Program Files\Movie Maker [21/02/2008|02:14] C:\Program Files\MSBuild [18/02/2008|13:32] C:\Program Files\MSECache [09/10/2007|11:28] C:\Program Files\MSN Gaming Zone [16/02/2008|04:02] C:\Program Files\MSN Messenger [07/12/2007|20:26] C:\Program Files\MSXML 4.0 [10/11/2007|12:21] C:\Program Files\MSXML 6.0 [28/02/2008|02:22] C:\Program Files\Nero [20/02/2008|08:14] C:\Program Files\NetMeeting [24/11/2007|00:06] C:\Program Files\Notebook Hardware Control [20/02/2008|08:14] C:\Program Files\Outlook Express [25/02/2008|07:57] C:\Program Files\PowerQuest [24/12/2007|15:40] C:\Program Files\QuickTime [09/10/2007|21:38] C:\Program Files\Reference Assemblies [09/10/2007|11:30] C:\Program Files\Services en ligne [09/10/2007|12:09] C:\Program Files\Sonic [10/12/2007|19:39] C:\Program Files\SystemRequirementsLab [25/02/2008|10:41] C:\Program Files\Taskix [29/02/2008|16:14] C:\Program Files\Teamspeak2_RC2 [25/02/2008|10:41] C:\Program Files\TransBar [25/02/2008|16:55] C:\Program Files\Trend Micro [15/02/2008|15:44] C:\Program Files\TuneUp Utilities 2008 [07/01/2008|04:00] C:\Program Files\UltraStar [09/10/2007|11:39] C:\Program Files\Uninstall Information [11/10/2007|18:11] C:\Program Files\uTorrent [08/12/2007|19:14] C:\Program Files\VIA [11/10/2007|16:06] C:\Program Files\VideoLAN [25/02/2008|10:51] C:\Program Files\Virtual CDRom [21/11/2007|17:52] C:\Program Files\Virtualis [25/02/2008|10:48] C:\Program Files\VistaDriveStatus [25/02/2008|10:41] C:\Program Files\VisualTaskTips [07/10/2007|18:38] C:\Program Files\WIDCOMM [25/02/2008|20:03] C:\Program Files\WinamaxPoker [07/01/2008|01:13] C:\Program Files\Winamp [22/02/2008|12:54] C:\Program Files\Windows Live [28/02/2008|17:19] C:\Program Files\Windows Live Safety Center [25/02/2008|10:48] C:\Program Files\Windows Media Connect 2 [28/02/2008|02:54] C:\Program Files\Windows Media Player [20/02/2008|08:14] C:\Program Files\Windows NT [09/10/2007|11:30] C:\Program Files\WindowsUpdate [25/02/2008|10:41] C:\Program Files\WinRoll [25/02/2008|10:41] C:\Program Files\WTInstaller [09/10/2007|11:33] C:\Program Files\xerox ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [26/02/2008|01:39] C:\Program Files\Fichiers communs\. [26/02/2008|01:39] C:\Program Files\Fichiers communs\.. [12/10/2007|14:20] C:\Program Files\Fichiers communs\Adobe [21/02/2008|02:14] C:\Program Files\Fichiers communs\DESIGNER [09/10/2007|12:09] C:\Program Files\Fichiers communs\InstallShield [07/10/2007|18:45] C:\Program Files\Fichiers communs\Java [02/03/2008|00:10] C:\Program Files\Fichiers communs\Microsoft Shared [07/10/2007|16:42] C:\Program Files\Fichiers communs\MSSoap [26/02/2008|01:43] C:\Program Files\Fichiers communs\Nero [01/12/2007|05:23] C:\Program Files\Fichiers communs\NSV [07/10/2007|16:14] C:\Program Files\Fichiers communs\ODBC [09/10/2007|11:30] C:\Program Files\Fichiers communs\Services [09/10/2007|12:06] C:\Program Files\Fichiers communs\Sonic Shared [07/10/2007|16:14] C:\Program Files\Fichiers communs\SpeechEngines [09/10/2007|12:09] C:\Program Files\Fichiers communs\SureThing Shared [23/02/2008|03:51] C:\Program Files\Fichiers communs\Symantec Shared [21/02/2008|02:08] C:\Program Files\Fichiers communs\System [09/10/2007|12:07] C:\Program Files\Fichiers communs\TiVo Shared [22/02/2008|12:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller [25/02/2008|11:12] C:\Program Files\Fichiers communs\Wise Installation Wizard ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- Aucun fichier / dossier Lop trouvé ! ----------------------[ Verification du Registre ]---------------------- ..... OK ! --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-02 16:07:21 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- Aucune autre infection trouvée ! /!\ [Fich:1][Doss:1] C:\DOCUME~1\JEROME~1.JER\LOCALS~1\Temp /!\ [Fich:8][Doss:0] C:\DOCUME~1\JEROME~1.JER\Cookies /!\ [Fich:156][Doss:4] C:\DOCUME~1\JEROME~1.JER\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 16:07:35,51 ]----------------------
  14. je refait le scan en mode diagnostique car nod32 c'est lancé au demarrage et j'ai peur qu'il est faussé l'analyse
×
×
  • Créer...