Aller au contenu

PAPI84

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    23

  • Inscription

  • Dernière visite

À propos de PAPI84

  • Date de naissance 12/06/1950

Profile Information

  • Sexe
    Male
  • Localisation
    ORANGE

PAPI84's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. PAPI84
    Bonjour à tous Le matin au démarrage de mon ordi j'ai le message suivant: Rundll erreur de chargement de C:windows system32 gzm rt.dll le module spécifié est introuvable Que veut dire ce message Merci pour les réponses. Cordialement Pierre
  2. PAPI84
    Salut Charles J'ai regardé dans C/ et il y ce Combofix - bloc-notes Avant de faire la manip de ton dernier message je le poste "Pierrot" - 2007-06-05 15:00:47 Service Pack 2 NTFS ComboFix 07-06-3 - Running from: "C:\Documents and Settings\Pierrot\Bureau\" ((((((((((((((((((((((((( Files Created from 2007-05-05 to 2007-06-05 ))))))))))))))))))))))))))))))) 2007-06-04 15:24 <REP> d-------- C:\Program Files\SPYWAREfighter 2007-06-04 15:24 <REP> d-------- C:\Program Files\Fichiers communs\Application 2007-06-02 10:16 853 --a------ C:\reboot.cmd 2007-06-02 10:16 68,096 --a------ C:\diff.exe 2007-06-02 10:16 103,424 --a------ C:\grep.exe 2007-06-02 10:03 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-01 16:28 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-06-01 13:13 <REP> d-------- C:\Program Files\Lavasoft 2007-06-01 11:44 <REP> d-------- C:\WINDOWS\CSC 2007-05-31 09:36 5,242,880 --a------ C:\DOCUME~1\Pierrot\ntuser.dat 2007-05-31 09:36 <REP> d-------- C:\DOCUME~1\Pierrot\APPLIC~1\InstallShield Installation Information 2007-05-28 15:11 <REP> dr------- C:\DOCUME~1\LOCALS~1\Favoris 2007-05-28 15:11 <REP> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Google 2007-05-27 08:41 <REP> d-------- C:\Program Files\AxBx 2007-05-10 11:18 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-05-09 15:12 <REP> d-------- C:\Program Files\Spamihilator (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-04 12:36:13 -------- d-----w C:\Program Files\Hijackthis Version Française 2007-06-03 14:35:26 -------- d-----w C:\Program Files\eMule 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Share_Accelerator 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Multi_Media 2007-06-01 18:37:27 -------- d-----w C:\Program Files\Sunbelt Software 2007-05-31 12:21:04 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Lavasoft 2007-05-31 12:19:53 -------- d-----w C:\Program Files\IncrediMail 2007-05-29 10:02:07 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Canon 2007-05-29 07:49:11 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2007-05-03 12:51:46 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Skype 2007-05-01 16:11:21 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE 2007-05-01 16:02:25 -------- d-----w C:\Program Files\Fichiers communs\Agnitum Shared 2007-05-01 16:02:23 -------- d-----w C:\Program Files\Agnitum 2007-05-01 09:32:20 505,483 --sh--w C:\WINDOWS\system32\bbadd.ini2 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-28 15:17:18 520,880 --sh--w C:\WINDOWS\system32\bbadd.bak2 2007-04-27 13:41:22 281,348 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2007-04-26 08:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys 2007-04-26 08:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys 2007-04-23 07:03:44 82,882 ----a-w C:\WINDOWS\system32\perfc00C.dat 2007-04-23 07:03:44 485,902 ----a-w C:\WINDOWS\system32\perfh00C.dat 2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-03-20 10:44:00 96,400 ----a-w C:\DOCUME~1\Pierrot\APPLIC~1\GDIPFONTCACHEV1.DAT 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:37:50 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 10:28] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-01-20 00:56] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-05-30 11:16] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "RTHDCPL"="RTHDCPL.EXE" [2005-12-09 16:49 C:\WINDOWS\RTHDCPL.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 07:15] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42] "GSICONEXE"="GSICON.EXE" [2007-01-08 11:50 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2007-01-08 11:50 C:\WINDOWS\system32\dslagent.exe] "OmniPage"="C:\Program Files\Caere\OmniPagePro90\opware32.exe" [1998-10-28 13:09] "Cloneur Expert Monitor"="C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [2007-01-25 16:08] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-01-25 16:08] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-24 23:08] "spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2006-12-03 14:19] "@"="" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 10:51] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 20:38] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15:00] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-30 11:16] "Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2007-01-24 15:49] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-05-20 14:50] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I] AutoRun\command- I:\autorun.exe ************************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-05 15:03:53 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... ? [1340] scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-05 15:05:30 C:\ComboFix-quarantined-files.txt ... 2007-06-05 15:05 C:\ComboFix2.txt ... 2007-06-02 10:03 --- E O F --- Je ferai faire la dernière manip par mon fils car j'ai peur de tout planter il touche beuacoup plus que moi . Encore merci pour tout le boulot que tu fais pour moi Cordialement Pierre
  3. PAPI84
    Salut Charles excuses moi pour cette réponse tardive (problème perso) j'ai fais les manips de ton dernier message voiçi les réponses: SDFix: Version 1.86 Run by Pierrot - 04/06/2007 - 14:21:14,20 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: ndis.sys Infected! Patched File copied to Backups Folder Attempting to replace ndis.sys with original version... Unable To Replace Patched File! Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\CP1041.NLS - Deleted C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe - Deleted Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:Explorer" "C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Disabled:Sunbelt Firewall GUI" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Listing Files with Hidden Attributes: C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100640.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100642.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100645.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100650.dll C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\WINDOWS\system32\bbadd.tmp C:\WINDOWS\system32\ywbfdwas.tmp Listing User Accounts: comptes d'utilisateurs de \\121879940317 Administrateur ASPNET HelpAssistant Invit‚ Pierrot SUPPORT_388945a0 La commande s'est termin‚e correctement. Finished Effectué le 06/06/2007 à 9:08:10,35. Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\WINDOWS\system32\drivers 27/04/2007 15:41 281 348 ndis.sys 1 fichier(s) 281 348 octets j'ai eu deux écrans bleu à la lecture problème de pilote 1 le 05/06/07 obligé de refaire un point de restauration à la date du 04/06/07 pour redémarrer et 1 il y a dix minutes redémarrage normal. Effectué le 06/06/2007 à 9:08:10,35. voiçi les nouvelles Par avance merci Pierre
  4. PAPI84
    Salut Charles Voici le rapport COMBOFIX.EXE "Pierrot" - 2007-06-05 15:00:47 Service Pack 2 NTFS ComboFix 07-06-3 - Running from: "C:\Documents and Settings\Pierrot\Bureau\" ((((((((((((((((((((((((( Files Created from 2007-05-05 to 2007-06-05 ))))))))))))))))))))))))))))))) 2007-06-04 15:24 <REP> d-------- C:\Program Files\SPYWAREfighter 2007-06-04 15:24 <REP> d-------- C:\Program Files\Fichiers communs\Application 2007-06-02 10:16 853 --a------ C:\reboot.cmd 2007-06-02 10:16 68,096 --a------ C:\diff.exe 2007-06-02 10:16 103,424 --a------ C:\grep.exe 2007-06-02 10:03 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-01 16:28 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-06-01 13:13 <REP> d-------- C:\Program Files\Lavasoft 2007-06-01 11:44 <REP> d-------- C:\WINDOWS\CSC 2007-05-31 09:36 5,242,880 --a------ C:\DOCUME~1\Pierrot\ntuser.dat 2007-05-31 09:36 <REP> d-------- C:\DOCUME~1\Pierrot\APPLIC~1\InstallShield Installation Information 2007-05-28 15:11 <REP> dr------- C:\DOCUME~1\LOCALS~1\Favoris 2007-05-28 15:11 <REP> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Google 2007-05-27 08:41 <REP> d-------- C:\Program Files\AxBx 2007-05-10 11:18 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-05-09 15:12 <REP> d-------- C:\Program Files\Spamihilator (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-04 12:36:13 -------- d-----w C:\Program Files\Hijackthis Version Française 2007-06-03 14:35:26 -------- d-----w C:\Program Files\eMule 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Share_Accelerator 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Multi_Media 2007-06-01 18:37:27 -------- d-----w C:\Program Files\Sunbelt Software 2007-05-31 12:21:04 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Lavasoft 2007-05-31 12:19:53 -------- d-----w C:\Program Files\IncrediMail 2007-05-29 10:02:07 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Canon 2007-05-29 07:49:11 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2007-05-03 12:51:46 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Skype 2007-05-01 16:11:21 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE 2007-05-01 16:02:25 -------- d-----w C:\Program Files\Fichiers communs\Agnitum Shared 2007-05-01 16:02:23 -------- d-----w C:\Program Files\Agnitum 2007-05-01 09:32:20 505,483 --sh--w C:\WINDOWS\system32\bbadd.ini2 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-28 15:17:18 520,880 --sh--w C:\WINDOWS\system32\bbadd.bak2 2007-04-27 13:41:22 281,348 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2007-04-26 08:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys 2007-04-26 08:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys 2007-04-23 07:03:44 82,882 ----a-w C:\WINDOWS\system32\perfc00C.dat 2007-04-23 07:03:44 485,902 ----a-w C:\WINDOWS\system32\perfh00C.dat 2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-03-20 10:44:00 96,400 ----a-w C:\DOCUME~1\Pierrot\APPLIC~1\GDIPFONTCACHEV1.DAT 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:37:50 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 10:28] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-01-20 00:56] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-05-30 11:16] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "RTHDCPL"="RTHDCPL.EXE" [2005-12-09 16:49 C:\WINDOWS\RTHDCPL.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 07:15] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42] "GSICONEXE"="GSICON.EXE" [2007-01-08 11:50 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2007-01-08 11:50 C:\WINDOWS\system32\dslagent.exe] "OmniPage"="C:\Program Files\Caere\OmniPagePro90\opware32.exe" [1998-10-28 13:09] "Cloneur Expert Monitor"="C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [2007-01-25 16:08] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-01-25 16:08] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-24 23:08] "spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2006-12-03 14:19] "@"="" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 10:51] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 20:38] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15:00] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-30 11:16] "Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2007-01-24 15:49] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-05-20 14:50] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I] AutoRun\command- I:\autorun.exe ************************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-05 15:03:53 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... ? [1340] scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-05 15:05:30 C:\ComboFix-quarantined-files.txt ... 2007-06-05 15:05 C:\ComboFix2.txt ... 2007-06-02 10:03 --- E O F --- Encore merci Pierre
  5. PAPI84
    Charles j'ai fais la manip avec SDFIX + un scan hijackthis SDFix: Version 1.86 Run by Pierrot - 04/06/2007 - 14:21:14,20 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: ndis.sys Infected! Patched File copied to Backups Folder Attempting to replace ndis.sys with original version... Unable To Replace Patched File! Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Missing Security Center Service Restoring Missing SharedAccess Service Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\CP1041.NLS - Deleted C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe - Deleted Removing Temp Files... ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Checking if ADS is attached to ntoskrnl.exe C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:Explorer" "C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Disabled:Sunbelt Firewall GUI" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Listing Files with Hidden Attributes: C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100640.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100642.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100645.dll C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP195\A0100650.dll C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp C:\WINDOWS\system32\bbadd.tmp C:\WINDOWS\system32\ywbfdwas.tmp Listing User Accounts: comptes d'utilisateurs de \\121879940317 Administrateur ASPNET HelpAssistant Invit‚ Pierrot SUPPORT_388945a0 La commande s'est termin‚e correctement. Finished Logfile of HijackThis v1.99.1 Scan saved at 14:36:18, on 04/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Caere\OmniPagePro90\opware32.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Messenger\msmsgs.exe C:\APPS\SMP\SmpSys.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/news?ned=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: reminder-Enregistrement du produit ScanSoft.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file://C:\DRIVERS\snapsys\HDDDiag\bin\npseatools.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175687746531 O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{67AC927D-2DC0-48D8-851D-4B54054B8881}: NameServer = 212.151.136.242 212.151.137.166 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe Logfile of HijackThis v1.99.1 Scan saved at 14:36:18, on 04/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Caere\OmniPagePro90\opware32.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Messenger\msmsgs.exe C:\APPS\SMP\SmpSys.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/news?ned=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: reminder-Enregistrement du produit ScanSoft.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file://C:\DRIVERS\snapsys\HDDDiag\bin\npseatools.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175687746531 O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{67AC927D-2DC0-48D8-851D-4B54054B8881}: NameServer = 212.151.136.242 212.151.137.166 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe Voiçi le resultat. Par avance merci pour la réponse Pierre
  6. PAPI84
    Salut Charles Je viens de faire la procédure suivant : Etape 1 ok Etape 2 ok Etape 3 j'ai fais toute cette étape: Dans cette étape il n'y a pas la dll : plelf.dll Il y a: mswsock.dll - winrnr.dll - rsvpsp.dll dans 'keep' Je n'ai rien fais et j'ai redémarré l'ordi en mode normal. Cordialement Pierre
  7. PAPI84
    Charles Quelle patience avec moi Oui deux fois pour ComoboFix Voiçi la suite Logfile of HijackThis v1.99.1 Scan saved at 13:37:58, on 02/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Caere\OmniPagePro90\opware32.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe C:\Program Files\Messenger\msmsgs.exe C:\APPS\SMP\SmpSys.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/news?ned=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: reminder-Enregistrement du produit ScanSoft.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\plelf.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file://C:\DRIVERS\snapsys\HDDDiag\bin\npseatools.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175687746531 O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{67AC927D-2DC0-48D8-851D-4B54054B8881}: NameServer = 212.151.136.242 212.151.137.166 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe DiagHelp version v1.1 - http://www.malekal.com excute le 02/06/2007 à 14:12:08,73 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\fwdrv.err -->02/06/2007 14:10:22 C:\WINDOWS\System32/drivers\aswmon.sys -->30/04/2007 17:41:55 C:\WINDOWS\System32/drivers\aswmon2.sys -->30/04/2007 17:41:42 C:\WINDOWS\System32/drivers\aswRdr.sys -->30/04/2007 17:39:41 C:\WINDOWS\System32/drivers\aswTdi.sys -->30/04/2007 17:38:51 C:\WINDOWS\System32/drivers\aavmker4.sys -->30/04/2007 17:37:23 C:\WINDOWS\System32/drivers\ndis.sys -->27/04/2007 15:41:22 C:\WINDOWS\System32\wpa.dbl -->02/06/2007 11:02:42 C:\WINDOWS\System32\plelf.dll -->02/06/2007 10:03:52 C:\WINDOWS\System32\CmdLineExt03.dll -->29/05/2007 09:49:11 C:\WINDOWS\System32\FNTCACHE.DAT -->28/05/2007 08:41:08 C:\WINDOWS\System32\mcrh.tmp -->16/05/2007 08:31:48 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->09/05/2007 15:03:50 C:\WINDOWS\System32\enchtjly.ini -->09/05/2007 10:20:09 C:\WINDOWS\System32\CONFIG.NT -->03/05/2007 14:16:39 C:\WINDOWS\System32\bbadd.ini2 -->01/05/2007 11:32:20 C:\WINDOWS\System32\cmpoqbkg.ini -->01/05/2007 11:28:28 C:\WINDOWS\System32\aswBoot.exe -->30/04/2007 17:46:10 C:\WINDOWS\System32\AVASTSS.scr -->30/04/2007 17:35:28 C:\WINDOWS\System32\bbadd.bak2 -->28/04/2007 17:17:18 C:\WINDOWS\System32\MRT.exe -->27/04/2007 22:45:12 C:\WINDOWS\System32\dgxushyj.ini -->27/04/2007 18:59:31 C:\WINDOWS\System32\sqevksgy.ini -->24/04/2007 17:01:56 C:\WINDOWS\System32\eecuhtue.ini -->23/04/2007 09:21:09 C:\WINDOWS\System32\PerfStringBackup.INI -->23/04/2007 09:03:44 C:\WINDOWS\System32\perfh00C.dat -->23/04/2007 09:03:44 C:\WINDOWS\System32\perfh009.dat -->23/04/2007 09:03:44 C:\WINDOWS\System32\perfc00C.dat -->23/04/2007 09:03:44 C:\WINDOWS\System32\perfc009.dat -->23/04/2007 09:03:44 C:\WINDOWS\System32\pvkyispe.ini -->20/04/2007 14:11:19 C:\WINDOWS\System32\thksgscg.ini -->19/04/2007 10:32:03 C:\WINDOWS\System32\msi.dll -->18/04/2007 18:14:18 C:\WINDOWS.log -->02/06/2007 11:01:59 C:\WINDOWS\WindowsUpdate.log -->02/06/2007 11:01:30 C:\WINDOWS\wiadebug.log -->02/06/2007 11:01:23 C:\WINDOWS\wiaservc.log -->02/06/2007 11:01:17 C:\WINDOWS\bootstat.dat -->02/06/2007 11:00:22 C:\WINDOWS\SchedLgU.Txt -->02/06/2007 10:59:25 C:\WINDOWS\setupapi.log -->01/06/2007 16:28:51 C:\WINDOWS\win.ini -->01/06/2007 13:13:12 C:\WINDOWS\system.ini -->01/06/2007 13:13:12 C:\WINDOWS\wwdslcfg.log -->01/06/2007 11:53:43 C:\WINDOWS\MEMORY.DMP -->31/05/2007 14:01:42 C:\WINDOWS\catchme.exe -->28/05/2007 04:23:11 C:\WINDOWS\tsoc.log -->23/05/2007 20:10:09 C:\WINDOWS\tabletoc.log -->23/05/2007 20:10:09 C:\WINDOWS\ocmsn.log -->23/05/2007 20:10:09 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\WINDOWS\system32 10/08/2004 15:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 196 449 386 496 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\WINDOWS\Downloaded Program Files 01/06/2007 16:28 <REP> . 01/06/2007 16:28 <REP> .. 22/11/2006 22:12 73 216 Account.dll 22/11/2006 22:00 216 Account.inf 23/09/2004 20:09 65 desktop.ini 25/07/2002 18:13 24 576 dwusplay.dll 25/07/2002 18:13 196 608 dwusplay.exe 25/06/2006 13:50 1 793 erma.inf 25/07/2002 18:05 172 032 isusweb.dll 08/08/2006 11:45 576 kavwebscan.inf 11/12/2006 17:44 367 LegitCheckControl.inf 27/06/2006 15:52 2 856 MCLPhoto.INF 27/06/2006 16:04 263 984 MCLPhoto.ocx 26/05/2005 04:19 293 muweb.inf 13/10/2005 17:23 380 928 npSeaTools_FR.dll 01/11/2005 14:06 892 npSeaTools_FR.inf 07/09/2006 13:15 142 848 UDC6V_0001_D19M0709NetInstaller.exe 15 fichier(s) 1 261 250 octets Total des fichiers listés : 15 fichier(s) 1 261 250 octets 2 Rép(s) 196 449 382 400 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:Explorer" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-02 14:12:51 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 536 - sqlservr.exe 728 - csrss.exe 764 - winlogon.exe 808 - services.exe 820 - lsass.exe 996 - svchost.exe 1060 - ashDisp.exe 1084 - svchost.exe 1136 - svchost.exe 1180 - CLI.exe 1204 - kpf4ss.exe 1228 - svchost.exe 1292 - svchost.exe 1432 - ashServ.exe 1484 - DetectorApp.exe 1516 - RTHDCPL.exe 1672 - explorer.exe 1856 - spoolsv.exe 2016 - AOLacsd.exe 2040 - gsicon.exe 2120 - ntvdm.exe 2184 - svchost.exe 2252 - svchost.exe 2392 - mcrdsvc.exe 2492 - PMSHost.exe 2544 - ctfmon.exe 2556 - kpf4gui.exe 2604 - GoogleToolbarNo 2692 - cmd.exe 2760 - iexplore.exe 3108 - svchost.exe 3392 - ashMaiSv.exe 3488 - kpf4gui.exe 3540 - ashWebSv.exe 3732 - dllhost.exe 4000 - CLI.exe 4012 - CLI.exe Total number of processes = 37 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll F7990000 - \WINDOWS\system32\KDCOM.DLL F78A0000 - \WINDOWS\system32\BOOTVID.dll F72B8000 - sptd.sys F7992000 - \WINDOWS\System32\Drivers\WMILIB.SYS F72A0000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS F7271000 - ACPI.sys F7260000 - pci.sys F7490000 - isapnp.sys F7A58000 - pciide.sys F7710000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F7994000 - aliide.sys F7996000 - cmdide.sys F7998000 - toside.sys F799A000 - viaide.sys F799C000 - intelide.sys F74A0000 - MountMgr.sys F7241000 - ftdisk.sys F799E000 - dmload.sys F721B000 - dmio.sys F7718000 - PartMgr.sys F74B0000 - VolSnap.sys F78A4000 - cpqarray.sys F7203000 - atapi.sys F78A8000 - aha154x.sys F7720000 - sparrow.sys F78AC000 - symc810.sys F74C0000 - aic78xx.sys F78B0000 - dac960nt.sys F74D0000 - ql10wnt.sys F78B4000 - amsint.sys F7728000 - asc.sys F78B8000 - asc3550.sys F7730000 - mraid35x.sys F7738000 - i2omp.sys F78BC000 - ini910u.sys F74E0000 - ql1240.sys F74F0000 - aic78u2.sys F7740000 - symc8xx.sys F7748000 - sym_hi.sys F7750000 - sym_u3.sys F7758000 - ABP480N5.SYS F7760000 - asc3350p.sys F79A0000 - cd20xrnt.sys F7500000 - ultra.sys F71EA000 - adpu160m.sys F7768000 - dpti2o.sys F7510000 - ql1080.sys F7520000 - ql1280.sys F7530000 - ql12160.sys F7770000 - perc2.sys F79A2000 - perc2hib.sys F7778000 - hpn.sys F78C0000 - cbidf2k.sys F71BE000 - dac2w2k.sys F7540000 - disk.sys F7550000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F719E000 - fltMgr.sys F718C000 - sr.sys F7560000 - PxHelp20.sys F7175000 - KSecDD.sys F70E8000 - Ntfs.sys F70B9000 - NDIS.sys F7085000 - timntr.sys F7570000 - viaagp.sys F7070000 - snapman.sys F7580000 - sisagp.sys F7590000 - ohci1394.sys F75A0000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F7055000 - Mup.sys F75B0000 - alim1541.sys F75C0000 - amdagp.sys F75D0000 - agp440.sys F75E0000 - agpCPQ.sys F7610000 - \SystemRoot\system32\DRIVERS\intelppm.sys F6D8F000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys F6D7B000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7810000 - \SystemRoot\system32\DRIVERS\usbohci.sys F6D58000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F7818000 - \SystemRoot\system32\DRIVERS\usbehci.sys F7620000 - \SystemRoot\system32\DRIVERS\imapi.sys F7820000 - \SystemRoot\System32\Drivers\ASAPIW2K.sys F6F71000 - \SystemRoot\system32\drivers\pfc.sys F7630000 - \SystemRoot\system32\DRIVERS\cdrom.sys F7640000 - \SystemRoot\system32\DRIVERS\redbook.sys F6D35000 - \SystemRoot\system32\DRIVERS\ks.sys F6D10000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys F6CFC000 - \SystemRoot\system32\DRIVERS\Rtnicxp.sys F6CB2000 - \SystemRoot\System32\Drivers\a8qmx8ee.SYS F7650000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7890000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7788000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F7AE0000 - \SystemRoot\system32\DRIVERS\audstub.sys F7670000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F6F41000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F6BD9000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F7680000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F7690000 - \SystemRoot\system32\DRIVERS\raspptp.sys F77D8000 - \SystemRoot\system32\DRIVERS\TDI.SYS F6BC8000 - \SystemRoot\system32\DRIVERS\psched.sys F76A0000 - \SystemRoot\system32\DRIVERS\msgpc.sys F77E8000 - \SystemRoot\system32\DRIVERS\ptilink.sys F77F8000 - \SystemRoot\system32\DRIVERS\raspti.sys F7800000 - \SystemRoot\system32\DRIVERS\wanatw4.sys F6B97000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F76B0000 - \SystemRoot\system32\DRIVERS\termdd.sys F79B4000 - \SystemRoot\system32\DRIVERS\swenum.sys F6B3B000 - \SystemRoot\system32\DRIVERS\update.sys F6F1D000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F6B0D000 - \SystemRoot\system32\DRIVERS\MarvinBus.sys F7828000 - \SystemRoot\system32\DRIVERS\NkVBus.sys F76C0000 - \SystemRoot\System32\Drivers\NDProxy.SYS F76F0000 - \SystemRoot\system32\DRIVERS\usbhub.sys F79BA000 - \SystemRoot\system32\DRIVERS\USBD.SYS AABF3000 - \SystemRoot\system32\drivers\RtkHDAud.sys AABD1000 - \SystemRoot\system32\drivers\portcls.sys F7700000 - \SystemRoot\system32\drivers\drmk.sys F79C0000 - \SystemRoot\System32\Drivers\i2omgmt.SYS F79C4000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7B4D000 - \SystemRoot\System32\Drivers\Null.SYS F79C8000 - \SystemRoot\System32\Drivers\Beep.SYS F7868000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F7870000 - \SystemRoot\System32\drivers\vga.sys F79CE000 - \SystemRoot\System32\Drivers\mnmdd.SYS F79D2000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys AAB40000 - \SystemRoot\system32\drivers\fwdrv.sys F7880000 - \SystemRoot\System32\Drivers\Msfs.SYS F7898000 - \SystemRoot\System32\Drivers\Npfs.SYS F6F4D000 - \SystemRoot\system32\DRIVERS\rasacd.sys AAB2D000 - \SystemRoot\system32\DRIVERS\ipsec.sys AAAD5000 - \SystemRoot\system32\DRIVERS\tcpip.sys AAAB4000 - \SystemRoot\system32\DRIVERS\ipnat.sys F7045000 - \SystemRoot\System32\Drivers\aswTdi.SYS F7035000 - \SystemRoot\system32\DRIVERS\wanarp.sys AA9EC000 - \SystemRoot\system32\DRIVERS\netbt.sys F6B83000 - \SystemRoot\System32\drivers\ws2ifsl.sys AA9CA000 - \SystemRoot\System32\drivers\afd.sys F7025000 - \SystemRoot\system32\DRIVERS\netbios.sys AA99F000 - \SystemRoot\system32\DRIVERS\rdbss.sys F6B7B000 - \??\C:\WINDOWS\system32\drivers\pclepci.sys AA930000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys AA91F000 - \SystemRoot\system32\drivers\khips.sys F77F0000 - \SystemRoot\system32\DRIVERS\usbprint.sys F7005000 - \SystemRoot\System32\Drivers\Fips.SYS F6AE5000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F6AD5000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS F6AAD000 - \SystemRoot\system32\DRIVERS\usbscan.sys F6FE5000 - \SystemRoot\System32\Drivers\Cdfs.SYS AA867000 - \SystemRoot\System32\Drivers\dump_atapi.sys F79DE000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F6F59000 - \SystemRoot\System32\drivers\Dxapi.sys F7830000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F7AA5000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA17000 - \SystemRoot\System32\ati2cqag.dll BFA51000 - \SystemRoot\System32\atikvmag.dll BFA87000 - \SystemRoot\System32\ati3duag.dll BFCEE000 - \SystemRoot\System32\ativvaxx.dll AA8A7000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys A8672000 - \SystemRoot\system32\DRIVERS\ndisuio.sys A84EC000 - \SystemRoot\System32\Drivers\aswMon2.SYS A81C7000 - \SystemRoot\system32\DRIVERS\mrxdav.sys A818A000 - \SystemRoot\system32\drivers\wdmaud.sys A8334000 - \SystemRoot\system32\drivers\sysaudio.sys F79A6000 - \SystemRoot\System32\Drivers\ASCTRM.SYS A7F19000 - \SystemRoot\System32\Drivers\HTTP.sys A7E9F000 - \SystemRoot\system32\DRIVERS\srv.sys A7490000 - \SystemRoot\System32\Drivers\aswRdr.SYS A713A000 - \SystemRoot\system32\DRIVERS\gwausb.sys F7B64000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys A6F04000 - \SystemRoot\system32\drivers\kmixer.sys Total number of drivers = 174 Liste des programmes installes Ad-Aware SE Personal Ad-Aware SE Personal Adobe Bridge 1.0 Adobe Common File Installer Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Reader 7.0.9 - Français Adobe Shockwave Player Adobe Shockwave Player Adobe Stock Photos 1.0 AIDA32 v3.93 AIDA32 v3.93 Archiveur WinRAR ArcSoft Panorama Maker 3 ArcSoft PhotoBase ArcSoft PhotoBase ArcSoft PhotoStudio 2000 ArcSoft PhotoStudio 2000 ATI Catalyst Control Center AutoUpdate avast! Antivirus avast! Antivirus Canon iP1600 Canon iP1600 Canon ScanGear Toolbox 3.1 Canon ScanGear Toolbox 3.1 Canon Utilities Easy-PhotoPrint Canon Utilities Easy-PhotoPrint Capturino 1.4 Capturino 1.4 CCleaner (remove only) CCleaner (remove only) Cloneur Expert Cloneur Expert Codeur Windows Media Série 9 Codeur Windows Media Série 9 Coloriage Coloriage Correctif n° 2 pour Windows XP Édition Media Center 2005 Correctif n° 2 pour Windows XP Édition Media Center 2005 Correctif pour Windows XP (KB888795) Correctif pour Windows XP (KB888795) Correctif pour Windows XP (KB891593) Correctif pour Windows XP (KB891593) Correctif pour Windows XP (KB896256) Correctif pour Windows XP (KB896256) Correctif pour Windows XP (KB899337) Correctif pour Windows XP (KB899337) Correctif pour Windows XP (KB899510) Correctif pour Windows XP (KB899510) Correctif pour Windows XP (KB902841) Correctif pour Windows XP (KB902841) Correctif pour Windows XP (KB910728) Correctif pour Windows XP (KB912024) Correctif pour Windows XP (KB914440) Correctif pour Windows XP (KB935448) Correctif Windows XP - KB873339 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Correctif Windows XP - KB891781 Correctif Windows XP - KB895961 Correctif Windows XP - KB895961 D-Link DSL-200 ADSL Modem DiscAPI (Studio 10) DivX Codec DivX Content Uploader DivX Content Uploader DivX Converter DivX Player DivX Web Player Dora l'exploratrice : Les animaux de la jungle Dora La Cité Perdue Dora Sakado Démo de Dora au pays des contes de fées eMule eMule EVEREST Home Edition v2.20 EVEREST Home Edition v2.20 Google Toolbar for Internet Explorer High Definition Audio Driver Package - KB888111 High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 HijackThis 1.99.1 Hijackthis Version Française Hijackthis Version Française Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 J2SE Runtime Environment 5.0 Update 4 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 jv16 PowerTools 1.3 Kaspersky Online Scanner Kaspersky Online Scanner Language pack for Ad-Aware SE Lecteur Windows Media 11 LightScribe 1.4.44.1 LimeWire 4.12.11 Macromedia Flash Player 8 Macromedia Shockwave Player Micro Application - 1, 2, 3 Photo 2006 Microsoft .NET Framework 1.0 Hotfix (KB887998) Microsoft .NET Framework 1.0 Hotfix (KB887998) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office PowerPoint Viewer 2003 Microsoft Office XP Professional avec FrontPage Microsoft SQL Server Desktop Engine (PINNACLESYS) Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour pour Lecteur Windows Media 10 (KB910393) Mise à jour pour Lecteur Windows Media 10 (KB913800) Mise à jour pour Lecteur Windows Media 10 (KB926251) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 Parser and SDK Multi Media Toolbar Multi Virus Cleaner 2007 Nero Suite OmniPage Pro 9.0 PhotoFiltre Pinnacle Instant DVD Recorder Pinnacle MediaServer Pinnacle Studio LINX Plus de 15 000 Cliparts Volume 1 PowerDVD QuickTime QuickTime QuickTime RAPID (Studio 10) REALTEK GbE & FE Ethernet PCI NIC Driver Realtek High Definition Audio Driver Scan Manager 5.2 Seagate SeaTools Online French Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 2.0 (KB917283) Security Update pour Microsoft .NET Framework 2.0 (KB922770) Share Accelerator Toolbar SmartSound Quicktracks Plugin SmartSound Quicktracks Plugin SmartSound Quicktracks Plugin Sonic Encoders Sonic Express Labeler Sonic MyDVD LE Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Spamihilator Studio 10 Studio 8 Sunbelt Personal Firewall Ulead DVD DiskRecorder 2.1.1 Ulead PhotoImpact 10 SE Ulead VideoStudio 9.0 SE DVD WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB925766 Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up Yoodoo Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\Program Files 31/05/2007 14:21 <REP> . 31/05/2007 14:21 <REP> .. 08/02/2007 13:25 <REP> 3B Software 27/02/2007 11:07 <REP> Adobe 01/05/2007 18:02 <REP> Agnitum 10/01/2007 13:52 <REP> Ahead 12/01/2007 22:07 <REP> AIDA32 - Enterprise System Information 25/01/2007 15:23 <REP> Alcohol Soft 05/01/2007 17:11 <REP> Alwil Software 22/11/2006 02:51 <REP> AOL Compagnon 04/02/2007 19:37 <REP> ArcSoft 01/03/2007 15:35 <REP> Atari 22/11/2006 02:50 <REP> ATI Technologies 09/02/2007 15:44 <REP> AudioTest 27/05/2007 08:41 <REP> AxBx 27/01/2007 17:33 <REP> BitTorrent 09/01/2007 14:43 <REP> Caere 05/02/2007 10:26 <REP> Canon 04/02/2007 19:13 <REP> Capturino 1.4 06/01/2007 14:17 <REP> CCleaner 22/11/2006 02:50 <REP> ComPlus Applications 22/11/2006 02:50 <REP> CyberLink 25/02/2007 13:03 <REP> denouvel 11/02/2007 19:13 <REP> DivX 08/01/2007 11:55 <REP> D-Link 28/05/2007 19:30 <REP> eMule 01/03/2007 21:44 <REP> eoRezo 03/05/2007 12:13 <REP> Fichiers communs 07/02/2007 14:58 <REP> Google 02/06/2007 13:37 <REP> Hijackthis Version Française 31/05/2007 14:19 <REP> IncrediMail 10/05/2007 12:34 <REP> Internet Explorer 09/05/2007 15:03 <REP> Java 06/01/2007 14:44 <REP> jv16 PowerTools 12/01/2007 20:05 <REP> Lavalys 01/06/2007 13:13 <REP> Lavasoft 22/11/2006 02:50 <REP> Learn2.com 27/02/2007 11:27 <REP> LimeWire 22/11/2006 02:53 <REP> Messenger 20/03/2007 12:04 <REP> Micro Application 10/05/2007 11:18 <REP> Microsoft CAPICOM 2.1.0.2 22/11/2006 02:50 <REP> microsoft frontpage 07/02/2007 19:01 <REP> Microsoft Office 24/02/2007 23:32 <REP> Microsoft SQL Server 14/02/2007 17:51 <REP> Midori 22/11/2006 02:53 <REP> Movie Maker 06/01/2007 00:06 <REP> MSN 22/11/2006 02:50 <REP> MSN Gaming Zone 04/02/2007 19:39 <REP> MSXML 4.0 02/06/2007 09:23 <REP> Multi_Media 27/01/2007 16:41 <REP> MyAlbum 22/11/2006 02:53 <REP> NetMeeting 04/02/2007 22:33 <REP> Nikon 22/11/2006 02:53 <REP> Online Services 05/01/2007 23:08 <REP> Outlook Express 21/01/2007 15:33 <REP> PhotoFiltre 24/02/2007 23:34 <REP> Pinnacle 24/02/2007 23:09 <REP> QuickTime 22/11/2006 02:50 <REP> Real 22/11/2006 02:50 <REP> Realtek 06/01/2007 18:25 <REP> Seagate 22/11/2006 02:53 <REP> Services en ligne 02/06/2007 09:23 <REP> Share_Accelerator 22/11/2006 02:50 <REP> SmartSound Software 28/01/2007 12:54 <REP> SoftChris 22/11/2006 02:50 <REP> Sonic 01/06/2007 13:13 <REP> Spamihilator 01/06/2007 20:37 <REP> Sunbelt Software 05/01/2007 16:56 <REP> Symantec 23/02/2007 17:10 <REP> Ulead Systems 22/11/2006 02:50 <REP> Viewpoint 22/11/2006 02:50 <REP> Windows Media Components 25/01/2007 17:06 <REP> Windows Media Connect 2 25/01/2007 17:06 <REP> Windows Media Player 22/11/2006 02:54 <REP> Windows NT 22/11/2006 02:50 <REP> Windows Plus 18/02/2007 18:50 <REP> WinRAR 22/11/2006 02:50 <REP> xerox 06/01/2007 14:17 <REP> Yahoo! 27/01/2007 11:09 <REP> Zapu 0 fichier(s) 0 octets 80 Rép(s) 196 449 382 400 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\Program Files\fichiers communs 03/05/2007 12:13 <REP> . 03/05/2007 12:13 <REP> .. 25/01/2007 16:08 <REP> Acronis 27/02/2007 17:20 <REP> Adobe 27/02/2007 11:05 <REP> Adobe Systems Shared 01/05/2007 18:02 <REP> Agnitum Shared 10/01/2007 13:49 <REP> Ahead 22/11/2006 02:53 <REP> AOL 22/11/2006 02:53 <REP> aolshare 09/01/2007 14:43 <REP> Caere 05/01/2007 17:25 <REP> Designer 02/03/2007 12:03 <REP> DriveCleaner Free 22/11/2006 02:50 <REP> InstallShield 22/11/2006 02:50 <REP> Java 10/01/2007 13:52 <REP> LightScribe 05/04/2007 20:44 <REP> Microsoft Shared 22/11/2006 02:50 <REP> MSSoap 10/01/2007 13:51 <REP> Nero 04/02/2007 22:32 <REP> Nikon 22/11/2006 02:50 <REP> Nullsoft 22/11/2006 02:50 <REP> ODBC 22/11/2006 02:50 <REP> Real 22/11/2006 02:53 <REP> Services 22/11/2006 02:53 <REP> Sonic Shared 22/11/2006 02:50 <REP> SpeechEngines 22/11/2006 02:53 <REP> SureThing Shared 05/01/2007 16:56 <REP> Symantec Shared 05/01/2007 23:08 <REP> System 22/11/2006 02:50 <REP> TiVo Shared 22/11/2006 02:53 <REP> Ulead Systems 19/02/2007 18:28 <REP> Vbox 0 fichier(s) 0 octets 31 Rép(s) 196 449 382 400 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 04/04/2007 20:42 <REP> . 04/04/2007 20:42 <REP> .. 05/01/2007 17:25 <REP> 1033 04/04/2007 20:42 <REP> 1036 29/01/2004 16:08 1 277 952 MSONSEXT.DLL 13/02/2001 09:23 58 784 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 29/01/2004 16:08 69 632 PKMAXCTL.DLL 29/01/2004 16:08 868 352 PKMCDO.DLL 29/01/2004 16:08 53 248 PKMCORE.DLL 29/01/2004 16:08 102 400 PKMFORMS.DLL 29/01/2004 16:38 634 880 PKMRES.DLL 29/01/2004 16:08 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 29/01/2004 16:08 24 576 PKMTRACE.DLL 29/01/2004 16:08 86 016 PKMWS.DLL 29/01/2004 16:08 237 568 PROMDEMO.DLL 29/01/2004 16:08 184 320 SECMGR.DLL 29/01/2004 16:08 315 392 VAIDDMGR.DLL 29/01/2004 16:08 32 768 VAIMEM.DLL 18 fichier(s) 4 666 952 octets 4 Rép(s) 196 449 378 304 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\ 12/05/2007 18:22 68 096 diff.exe 12/05/2007 18:22 103 424 grep.exe 31/10/2005 17:56 700 416 StubInstaller.exe 3 fichier(s) 871 936 octets 0 Rép(s) 196 449 378 304 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 3824-C69F Répertoire de C:\ 02/06/2007 11:03 91 648 cp1041.nls 1 fichier(s) 91 648 octets 0 Rép(s) 196 449 378 304 octets libres c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\Cnmvsa.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\helpkicker.exe c:\Documents and Settings\Default User\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\Pierrot\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\Pierrot\.limewire\.NetworkShare\LimeWireWinInstaller.exe c:\Documents and Settings\Pierrot\Application Data\ezpinst.exe c:\Documents and Settings\Pierrot\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\Pierrot\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\Pierrot\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe c:\Documents and Settings\Pierrot\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe c:\Documents and Settings\Pierrot\Application Data\Microsoft\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe c:\Documents and Settings\Pierrot\Bureau\ccsetup140.exe c:\Documents and Settings\Pierrot\Bureau\CloneMaster Setup.exe c:\Documents and Settings\Pierrot\Bureau\ComboFix.exe c:\Documents and Settings\Pierrot\Bureau\kerio-personal-firewall_4.2.3.912.exe c:\Documents and Settings\Pierrot\Bureau\siw_siw_1.66_build_624_anglais_14288.exe c:\Documents and Settings\Pierrot\Bureau\spamihilator_0_9_9_10.exe c:\Documents and Settings\Pierrot\Bureau\wrar362fr.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Pierrot\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Pierrot\Mes documents\aawsepersonal.exe c:\Documents and Settings\Pierrot\Mes documents\Audiotest.exe c:\Documents and Settings\Pierrot\Mes documents\Demo_Dora_Contes_fees.exe c:\Documents and Settings\Pierrot\Mes documents\DivXInstaller.exe c:\Documents and Settings\Pierrot\Mes documents\HijackThisFR.exe c:\Documents and Settings\Pierrot\Mes documents\LimeWireWin.exe c:\Documents and Settings\Pierrot\Mes documents\PPVIEWER.EXE c:\Documents and Settings\Pierrot\Mes documents\registryrepair_rrfr002.exe c:\Documents and Settings\Pierrot\Mes documents\rminstall.exe c:\Documents and Settings\Pierrot\Mes documents\Start.exe c:\Documents and Settings\Pierrot\Mes documents\Downloads\La Solution Pour Faire Marcher Le Jeu ' Jeux Dora L'exploratrice - Les Animaux De La Jungle - Alcohol.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\delaySpawn.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\dslagent.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\gsicon.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\Q307271_WxP_SP1_x86_enu_MID57834.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\Q307271_WxP_SP1_x86_ENU_MID58293.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\setup.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\ATM Driver\dsldrv\dslagent.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\ATM Driver\dsldrv\gsicon.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\LAN Driver\dsldrv\dslagent.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\LAN Driver\dsldrv\gsicon.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\WAN Driver\dsldrv\dslagent.exe c:\Documents and Settings\Pierrot\Mes documents\Driver modem\Pilote_ADSL_USB_-Pack_Wanadoo-_1.12.0019_98Me2000XP\usb\WAN Driver\dsldrv\gsicon.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules404\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules404\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules404\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules405\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules405\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules405\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules406\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules406\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules406\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules407\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules407\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules407\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules408\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules408\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules408\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules409\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules409\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules409\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40B\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40B\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40B\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40C\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40C\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40C\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40E\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40E\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules40E\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules410\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules410\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules410\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules411\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules411\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules411\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules412\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules412\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules412\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules413\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules413\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules413\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules414\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules414\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules414\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules415\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules415\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules415\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules419\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules419\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules419\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41D\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41D\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41D\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41E\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41E\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41E\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41F\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41F\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules41F\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules804\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules804\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules804\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules816\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules816\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModules816\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModulesC0A\CNMlr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModulesC0A\CNMsr75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600\LanguageModulesC0A\CNMur75.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNM_0257.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMBR256.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMDRV.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMDUMP5.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMFUS.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMINST.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLMON2.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRCN.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRCZ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRDE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRDK.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRES.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRFI.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRFR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRGR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRHU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRIT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRJ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRKR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRNL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRNO.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRPL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRPT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRRU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRSE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRTH.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRTR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMLRTW.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMMR256.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMOP74.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMP_257.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMPCOMM.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMPD.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMPP.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMPV.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMQUEUE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSMSD.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRCN.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRCZ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRDE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRDK.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRES.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRFI.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRFR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRGR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRHU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRIT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRJ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRKR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRNL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRNO.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRPL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRPT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRRU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRSE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRTH.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRTR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSRTW.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMSTMN.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMUI.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMUR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURCN.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURCZ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURDE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURDK.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURES.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURFI.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURFR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURGR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURHU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURIT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURJ.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURKR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURNL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURNO.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURPL.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURPT.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURRU.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURSE.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURTH.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURTR.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMURTW.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMVS.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Driver2\CNMW3.DLL c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmi040c.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnminst2.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis4.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis5.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\devid.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp En espérant avoir fait la bonne manip???? Encore Merci Pierre
  8. PAPI84
    * HijackThis v1.99.1 * Written by Merijn - [email protected] http://www.merijn.org/files/hijackthis.zip http://www.merijn.org/index.html Traduction française réalisée . Par:PC-HELP-BORDEAUX http://pchelpbordeaux.free.fr . Retrouvez le tutorial complet sur le site de PC-HELP Poster vos LOG sur le forum d'Assistance Informatique en Live http://belver.free.fr ' '. R - Registry, StartPage/SearchPage changes R0 - Changed registry value R1 - Created registry value R2 - Created registry key R3 - Created extra registry value where only one should be F - IniFiles, autoloading entries F0 - Changed inifile value F1 - Created inifile value F2 - Changed inifile value, mapped to Registry F3 - Created inifile value, mapped to Registry N - Netscape/Mozilla StartPage/SearchPage changes N1 - Change in prefs.js of Netscape 4.x N2 - Change in prefs.js of Netscape 6 N3 - Change in prefs.js of Netscape 7 N4 - Change in prefs.js of Mozilla O - Other, several sections which represent: O1 - Hijack of auto.search.msn.com with Hosts file O2 - Enumeration of existing MSIE BHO's O3 - Enumeration of existing MSIE toolbars O4 - Enumeration of suspicious autoloading Registry entries O5 - Blocking of loading Internet Options in Control Panel O6 - Disabling of 'Internet Options' Main tab with Policies O7 - Disabling of Regedit with Policies O8 - Extra MSIE context menu items O9 - Extra 'Tools' menuitems and buttons O10 - Breaking of Internet access by New.Net or WebHancer O11 - Extra options in MSIE 'Advanced' settings tab O12 - MSIE plugins for file extensions or MIME types O13 - Hijack of default URL prefixes O14 - Changing of IERESET.INF O15 - Trusted Zone Autoadd O16 - Download Program Files item O17 - Domain hijack O18 - Enumeration of existing protocols and filters O19 - User stylesheet hijack O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key O22 - SharedTaskScheduler autorun Registry key O23 - Enumeration of NT Services Command-line parameters: * /autolog - Automatically scan the system, save a logfile and open it * /ihatewhitelists - ignore all internal whitelists * /uninstall - remove all HijackThis Registry entries, backups and quit * Version history * [v1.99.1] * Added Winlogon Notify keys to O20 listing * Fixed crashing bug on certain Win2000 and WinXP systems at O23 listing * Fixed lots and lots of 'unexpected error' bugs * Fixed lots of inproper functioning bugs (i.e. stuff that didn't work) * Added 'Delete NT Service' function in Misc Tools section * Added ProtocolDefaults to O15 listing * Fixed MD5 hashing not working * Fixed 'ISTSVC' autorun entries with garbage data not being fixed * Fixed HijackThis uninstall entry not being updated/created on new versions * Added Uninstall Manager in Misc Tools to manage 'Add/Remove Software' list * Added option to scan the system at startup, then show results or quit if nothing found [v1.99] * Added O23 (NT Services) in light of newer trojans * Integrated ADS Spy into Misc Tools section * Added 'Action taken' to info in 'More info on this item' [v1.98] * Definitive support for Japanese/Chinese/Korean systems * Added O20 (AppInit_DLLs) in light of newer trojans * Added O21 (ShellServiceObjectDelayLoad, SSODL) in light of newer trojans * Added O22 (SharedTaskScheduler) in light of newer trojans * Backups of fixed items are now saved in separate folder * HijackThis now checks if it was started from a temp folder * Added a small process manager (Misc Tools section) [v1.96] * Lots of bugfixes and small enhancements! Among others: * Fix for Japanese IE toolbars * Fix for searchwww.com fake CLSID trick in IE toolbars and BHO's * Attributes on Hosts file will now be restored when scanning/fixing/restoring it. * Added several files to the LSP whitelist * Fixed some issues with incorrectly re-encrypting data, making R0/R1 go undetected until a restart * All sites in the Trusted Zone are now shown, with the exception of those on the nonstandard but safe domain list [v1.95] * Added a new regval to check for from Whazit hijack (Start Page_bak). * Excluded IE logo change tweak from toolbar detection (BrandBitmap and SmBrandBitmap). * New in logfile: Running processes at time of scan. * Checkmarks for running StartupList with /full and /complete in HijackThis UI. * New O19 method to check for Datanotary hijack of user stylesheet. * Google.com IP added to whitelist for Hosts file check. [v1.94] * Fixed a bug in the Check for Updates function that could cause corrupt downloads on certain systems. * Fixed a bug in enumeration of toolbars (Lop toolbars are now listed!). * Added imon.dll, drwhook.dll and wspirda.dll to LSP safelist. * Fixed a bug where DPF could not be deleted. * Fixed a stupid bug in enumeration of autostarting shortcuts. * Fixed info on Netscape 6/7 and Mozilla saying '%shitbrowser%' (oops). * Fixed bug where logfile would not auto-open on systems that don't have .log filetype registered. * Added support for backing up F0 and F1 items (d'oh!). [v1.93] * Added mclsp.dll (McAfee), WPS.DLL (Sygate Firewall), zklspr.dll (Zero Knowledge) and mxavlsp.dll (OnTrack) to LSP safelist. * Fixed a bug in LSP routine for Win95. * Made taborder nicer. * Fixed a bug in backup/restore of IE plugins. * Added UltimateSearch hijack in O17 method (I think). * Fixed a bug with detecting/removing BHO's disabled by BHODemon. * Also fixed a bug in StartupList (now version 1.52.1). [v1.92] * Fixed two stupid bugs in backup restore function. * Added DiamondCS file to LSP files safelist. * Added a few more items to the protocol safelist. * Log is now opened immediately after saving. * Removed rd.yahoo.com from NSBSD list (spammers are starting to use this, no doubt spyware authors will follow). * Updated integrated StartupList to v1.52. * In light of SpywareNuker/BPS Spyware Remover, any strings relevant to reverse-engineers are now encrypted. * Rudimentary proxy support for the Check for Updates function. [v1.91] * Added rd.yahoo.com to the Nonstandard But Safe Domains list. * Added 8 new protocols to the protocol check safelist, as well as showing the file that handles the protocol in the log (O18). * Added listing of programs/links in Startup folders (O4). * Fixed 'Check for Update' not detecting new versions. [v1.9] * Added check for Lop.com 'Domain' hijack (O17). * Bugfix in URLSearchHook (R3) fix. * Improved O1 (Hosts file) check. * Rewrote code to delete BHO's, fixing a really nasty bug with orphaned BHO keys. * Added AutoConfigURL and proxyserver checks (R1). * IE Extensions (Button/Tools menuitem) in HKEY_CURRENT_USER are now also detected. * Added check for extra protocols (O18). [v1.81] * Added 'ignore non-standard but safe domains' option. * Improved Winsock LSP hijackers detection. * Integrated StartupList updated to v1.4. [v1.8] * Fixed a few bugs. * Adds detecting of free.aol.com in Trusted Zone. * Adds checking of URLSearchHooks key, which should have only one value. * Adds listing/deleting of Download Program Files. * Integrated StartupList into the new 'Misc Tools' section of the Config screen! [v1.71] * Improves detecting of O6. * Some internal changes/improvements. [v1.7] * Adds backup function! Yay! * Added check for default URL prefix * Added check for changing of IERESET.INF * Added check for changing of Netscape/Mozilla homepage and default search engine. [v1.61] * Fixes Runtime Error when Hosts file is empty. [v1.6] * Added enumerating of MSIE plugins * Added check for extra options in 'Advanced' tab of 'Internet Options'. [v1.5] * Adds 'Uninstall & Exit' and 'Check for update online' functions. * Expands enumeration of autoloading Registry entries (now also scans for .vbs, .js, .dll, rundll32 and service) [v1.4] * Adds repairing of broken Internet access (aka Winsock or LSP fix) by New.Net/WebHancer * A few bugfixes/enhancements [v1.3] * Adds detecting of extra MSIE context menu items * Added detecting of extra 'Tools' menu items and extra buttons * Added 'Confirm deleting/ignoring items' checkbox [v1.2] * Adds 'Ignorelist' and 'Info' functions [v1.1] * Supports BHO's, some default URL changes [v1.0] * Original release A good thing to do after version updates is clear your Ignore list and re-add them, as the format of detected items sometimes changes.
  9. PAPI84
    Voici le scan par combofix.exe "Pierrot" - 2007-06-02 10:00:05 Service Pack 2 ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Pierrot\Bureau\" ((((((((((((((((((((((((((((((( Files Created from 2007-05-02 to 2007-06-02 )))))))))))))))))))))))))))))))))) 2007-06-01 16:28 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-06-01 13:13 <REP> d-------- C:\Program Files\Lavasoft 2007-06-01 11:44 <REP> d-------- C:\WINDOWS\CSC 2007-05-31 09:36 5,242,880 --a------ C:\Documents and Settings\Pierrot\ntuser.dat 2007-05-31 09:36 5,242,880 --a------ C:\DOCUME~1\Pierrot\ntuser.dat 2007-05-31 09:36 <REP> d-------- C:\DOCUME~1\Pierrot\APPLIC~1\InstallShield Installation Information 2007-05-28 15:11 <REP> dr------- C:\DOCUME~1\LOCALS~1\Favoris 2007-05-28 15:11 <REP> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Google 2007-05-27 08:41 <REP> d-------- C:\Program Files\AxBx 2007-05-10 11:18 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-05-09 15:12 <REP> d-------- C:\Program Files\Spamihilator 2007-05-03 14:51 <REP> d-------- C:\Program Files\Sunbelt Software 2007-05-03 14:16 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Share_Accelerator 2007-06-02 07:23:54 -------- d-----w C:\Program Files\Multi_Media 2007-06-02 07:23:34 -------- d-----w C:\Program Files\Hijackthis Version Française 2007-05-31 12:21:04 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Lavasoft 2007-05-31 12:19:53 -------- d-----w C:\Program Files\IncrediMail 2007-05-29 10:02:07 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Canon 2007-05-29 07:49:11 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2007-05-28 17:30:49 -------- d-----w C:\Program Files\eMule 2007-05-03 12:51:46 -------- d-----w C:\DOCUME~1\Pierrot\APPLIC~1\Skype 2007-05-01 16:11:21 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE 2007-05-01 16:02:25 -------- d-----w C:\Program Files\Fichiers communs\Agnitum Shared 2007-05-01 16:02:23 -------- d-----w C:\Program Files\Agnitum 2007-05-01 09:32:20 505,483 --sh--w C:\WINDOWS\system32\bbadd.ini2 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-28 15:17:18 520,880 --sh--w C:\WINDOWS\system32\bbadd.bak2 2007-04-27 13:41:22 281,348 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2007-04-26 08:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys 2007-04-26 08:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys 2007-04-23 07:03:44 82,882 ----a-w C:\WINDOWS\system32\perfc00C.dat 2007-04-23 07:03:44 485,902 ----a-w C:\WINDOWS\system32\perfh00C.dat 2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-03-20 10:44:00 96,400 ----a-w C:\DOCUME~1\Pierrot\APPLIC~1\GDIPFONTCACHEV1.DAT 2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:37:50 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 10:28] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-01-20 00:56] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-05-30 11:16] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe] "RTHDCPL"="RTHDCPL.EXE" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 07:15] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42] "GSICONEXE"="GSICON.EXE" [2007-01-08 11:50 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2007-01-08 11:50 C:\WINDOWS\system32\dslagent.exe] "OmniPage"="C:\Program Files\Caere\OmniPagePro90\opware32.exe" [1998-10-28 13:09] "Cloneur Expert Monitor"="C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [2007-01-25 16:08] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-01-25 16:08] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-24 23:08] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 10:51] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 20:38] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15:00] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-30 11:16] "Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2007-01-24 15:49] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-05-20 14:50] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-02 10:02:01 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-06-02 10:03:18 C:\ComboFix-quarantined-files.txt ... 2007-06-02 10:03 --- E O F ---
  10. PAPI84
    Bonjour Charles Petite question concernant la manip : Ferme tous les programmes(internet explorer) et clique sue "Fixer les objets" Est ce que je dois déconnecter internet ? Merci Cordialement Pierre PS: je n'ai pas fait la manip hier Car problème de santé et quand je prends mon traitement je dois m'allonger.
  11. PAPI84
    Charles Je vais détailler les opérations au maximum PAPI84, si tu as le moindre problème, n'hésite pas à demander. Ne te laisse pas rebuter par la procédure: c'est très simple en fait, il suffit de prendre ton temps et de faire les choses dans l'ordre, comme indiqué J'aimerai stp que tu expédies un fichier pour analyse > C:\windows\system32\imprbtalljw.dll *Rend toi sur cette page > http://secubox.gateweb.org/mad.php Clique sur le bouton Parcourir > une fenêtre va s'ouvrir te permettant de naviguer dans les répertoires de ton disque dur. Clique sur l'icône du Poste de Travail à gauche > double clique sur le disque C > double clique sur le dossier Windows > System 32 > sélectionne le fichier nommé imprbtalljw.dll > clique sur le bouton Ouvrir. Dans la case dessous (Veuillez indiquer ci-dessous le message destiné à notre équipe:) copie/colle ce message > CITATION dll inconnue dans Winsock > http://forum.zebulon.fr/index.php?showtopic=123130 Clique enfin sur le bouton Envoyer Je viens de faire cette manip . J'ai trouvé C:\windows\system32\imprbtalljw.dll envoyé je pense avoir fais la bonne manips pour envoyer le message Merci A++++ Pierre
  12. PAPI84
    Bonjour à tous Hier j'ai eu deux fois l'ecran bleu.Winxp a rencontré un problème serieux J'ai redémaré deux fois et maintenant cela va. Mais comme je suis un novice en informatique , je ne comprends pas grand chose et je ne sais pas faire les manips pour réparer. 57 balais. Qui peut m'aider suite à la lecture du scan HijackThis ?? Faut il supprimer des choses?? Si possible avec des solutions simples. je poste ici de la part de pear Godlike Member Par avance Merci Cordialement Papi84 Logfile of HijackThis v1.99.1 Scan saved at 13:38:38, on 01/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Caere\OmniPagePro90\opware32.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe C:\Program Files\Messenger\msmsgs.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE C:\PROGRA~1\INCRED~1\bin\ImApp.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/news?ned=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0C10445A-6E66-4698-90EB-24D270A51BFC} - (no file) O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - (no file) O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\qtghpeir.dll O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7F6F9815-58A4-40A9-8191-4138F051807A} - C:\WINDOWS\system32\awvvv.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe" O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\system32\hnnobvuk.dll",realset O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: reminder-Enregistrement du produit ScanSoft.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file://C:\DRIVERS\snapsys\HDDDiag\bin\npseatools.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175687746531 O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{67AC927D-2DC0-48D8-851D-4B54054B8881}: NameServer = 212.151.136.242 212.151.137.166 O20 - Winlogon Notify: awvvv - C:\WINDOWS\system32\awvvv.dll (file missing) O20 - Winlogon Notify: ddabb - C:\WINDOWS\system32\ddabb.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: xxyvwts - xxyvwts.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
  13. PAPI84
    Ok merci pour toutes vos infos je vais poster mon rapport Hijackthis sur Sécurité->Analyse.... Encore merci pour votre travail A+++++++++++ Cordialement Pierre
  14. PAPI84
    Bonjour j'ai décoché tout il n'y avais rien sur la sécurité puis redémarage Voici un nouveau scan Logfile of HijackThis v1.99.1 Scan saved at 10:16:29, on 01/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/news?ned=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0C10445A-6E66-4698-90EB-24D270A51BFC} - (no file) O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - (no file) O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\qtghpeir.dll O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7F6F9815-58A4-40A9-8191-4138F051807A} - C:\WINDOWS\system32\awvvv.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha0.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\imprbtalljw.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file://C:\DRIVERS\snapsys\HDDDiag\bin\npseatools.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175687746531 O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{67AC927D-2DC0-48D8-851D-4B54054B8881}: NameServer = 212.151.137.170 212.151.136.246 O20 - Winlogon Notify: awvvv - C:\WINDOWS\system32\awvvv.dll (file missing) O20 - Winlogon Notify: ddabb - C:\WINDOWS\system32\ddabb.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: xxyvwts - xxyvwts.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\StudioLine Photo Basic\NMSAccess.exe (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
  15. PAPI84
×
×
  • Créer...