Aller au contenu

chris67380

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    69

  • Inscription

  • Dernière visite

Tout ce qui a été posté par chris67380

  1. chris67380
    Voila le rapport AVG : --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 20:45:47 11/04/2007 + Résultat de l'analyse: :mozilla.197:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.28:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise. :mozilla.86:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise. :mozilla.113:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.114:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.115:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.149:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.156:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.166:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.72:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.73:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.74:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.75:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.76:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Connextra : Aucune action entreprise. :mozilla.196:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise. :mozilla.199:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise. :mozilla.77:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.78:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.79:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.80:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.150:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.151:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.50:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise. :mozilla.159:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Paypal : Aucune action entreprise. :mozilla.46:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.47:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.48:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.208:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Toplist : Aucune action entreprise. :mozilla.174:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.173:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise. :mozilla.132:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.153:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.154:C:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. C:\Documents and Settings\Chris R\Cookies\chris_r@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. Fin du rapport Par contre maintenant mon ordi rame a fond et mon UC est utilisé a 100% Je n'ai pas pu également supprimé le fichier comme dans le protocole... ! Je continue... @+
  2. chris67380
    Ok je reprendrais la procédure ce soir, mais ce que je veux dire, c'est que je ne vois pas le fichier avant même de lancer AVG AS !! Donc je vais lancer AVG AS en mode sans échec sans avoir supprimé le fichier que je ne toruve nul part dans le dossier system32 même en cochant et décochant les cases comme indiqué dans la procédure ! Je continue la procédure des que je serais rentré ce soir ! Merci et bonne après midi ! Chris
  3. chris67380
    Petit problème : en suivant la procédure, je ne vois pas le fichier hnfbtus.exe ??? Pourtant il apparaît dans le controle des programmes de zonealarm ?? Merci d'avance et bonne nuit !
  4. chris67380
    ok merci pour les réponses ! Je m'occupe de tout ca ce soir ! Bonne journée ! Chris
  5. chris67380
    Merci beaucoup Bruce lee ! Je suis au bureau toute la journée et je ferais la désinfection ce soir en soirée (pas avant 22 - 23h je pense) ! Je te tiendrais au courant à ce moment la ! Juste une question : est-ce bien une infection que j'ai ou alors est-ce quelque chose d'inconnu pour le moment? Quelle analyse as-tu tiré de tous les rapports fournis? En fait c'est uniquement pour ma curiosité perso ! Merci encore et bonne journée ! Chris
  6. chris67380
    Voici le rapport : SmitFraudFix v2.166 Rapport fait à 21:39:19,35, 09/04/2007 Executé à partir de C:\Documents and Settings\Chris R\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Wistron\AVManager\AVManager.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Chris R »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Chris R\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\CHRISR~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32 »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Broadcom 440x 10/100 Integrated Controller DNS Server Search Order: 212.27.53.252 DNS Server Search Order: 212.27.54.252 HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A51D73A-7305-4355-A23E-526E721E7C51}: DhcpNameServer=212.27.54.252 213.228.0.95 HKLM\SYSTEM\CCS\Services\Tcpip\..\{38F2AA7E-5EA2-47EC-AC3E-C583DDA8F5C6}: DhcpNameServer=212.27.54.252 213.228.0.94 HKLM\SYSTEM\CCS\Services\Tcpip\..\{922E5E2D-3E55-4FD8-967E-3ACBD904C76F}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CCS\Services\Tcpip\..\{AD950690-F3C0-4666-96DA-11E0BEAAAA57}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{0A51D73A-7305-4355-A23E-526E721E7C51}: DhcpNameServer=212.27.54.252 213.228.0.95 HKLM\SYSTEM\CS1\Services\Tcpip\..\{38F2AA7E-5EA2-47EC-AC3E-C583DDA8F5C6}: DhcpNameServer=212.27.54.252 213.228.0.94 HKLM\SYSTEM\CS1\Services\Tcpip\..\{922E5E2D-3E55-4FD8-967E-3ACBD904C76F}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{AD950690-F3C0-4666-96DA-11E0BEAAAA57}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A51D73A-7305-4355-A23E-526E721E7C51}: DhcpNameServer=212.27.54.252 213.228.0.95 HKLM\SYSTEM\CS2\Services\Tcpip\..\{38F2AA7E-5EA2-47EC-AC3E-C583DDA8F5C6}: DhcpNameServer=212.27.54.252 213.228.0.94 HKLM\SYSTEM\CS2\Services\Tcpip\..\{922E5E2D-3E55-4FD8-967E-3ACBD904C76F}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS2\Services\Tcpip\..\{AD950690-F3C0-4666-96DA-11E0BEAAAA57}: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  7. chris67380
    Voici le rapport ! : 04/09/07 13:40:49 [info]: BlackLight Engine 1.0.61 initialized 04/09/07 13:40:49 [info]: OS: 5.1 build 2600 (Service Pack 2) 04/09/07 13:40:49 [Note]: 7019 4 04/09/07 13:40:49 [Note]: 7005 0 04/09/07 13:40:52 [Note]: 7006 0 04/09/07 13:40:52 [Note]: 7011 1444 04/09/07 13:40:52 [Note]: 7026 0 04/09/07 13:40:52 [Note]: 7026 0 04/09/07 13:40:55 [Note]: FSRAW library version 1.7.1021 04/09/07 13:45:18 [Note]: 4020 11708 65536 04/09/07 13:45:18 [Note]: 4018 11708 65536 04/09/07 13:45:28 [Note]: 4020 11708 65536 04/09/07 13:45:28 [Note]: 4018 11708 65536 04/09/07 13:45:37 [Note]: 4020 11708 65536 04/09/07 13:45:37 [Note]: 4018 11708 65536 04/09/07 13:45:46 [Note]: 4020 11708 65536 04/09/07 13:45:46 [Note]: 4018 11708 65536 04/09/07 13:45:56 [Note]: 4020 11708 65536 04/09/07 13:45:56 [Note]: 4018 11708 65536 04/09/07 13:46:06 [Note]: 4020 11708 65536 04/09/07 13:46:06 [Note]: 4018 11708 65536 04/09/07 13:46:16 [Note]: 4020 11708 65536 04/09/07 13:46:16 [Note]: 4018 11708 65536 04/09/07 13:46:27 [Note]: 4020 11708 65536 04/09/07 13:46:27 [Note]: 4018 11708 65536 04/09/07 13:46:36 [Note]: 4020 11708 65536 04/09/07 13:46:36 [Note]: 4018 11708 65536 04/09/07 13:46:44 [Note]: 4020 11708 65536 04/09/07 13:46:44 [Note]: 4018 11708 65536 04/09/07 13:46:52 [Note]: 4020 11708 65536 04/09/07 13:46:52 [Note]: 4018 11708 65536 04/09/07 13:47:00 [Note]: 4020 11708 65536 04/09/07 13:47:00 [Note]: 4018 11708 65536 04/09/07 13:47:09 [Note]: 4020 11708 65536 04/09/07 13:47:09 [Note]: 4018 11708 65536 04/09/07 13:47:18 [Note]: 4020 11708 65536 04/09/07 13:47:18 [Note]: 4018 11708 65536 04/09/07 13:47:27 [Note]: 4020 11708 65536 04/09/07 13:47:27 [Note]: 4018 11708 65536 04/09/07 13:47:36 [Note]: 4020 11708 65536 04/09/07 13:47:36 [Note]: 4018 11708 65536 04/09/07 13:47:44 [Note]: 4020 11708 65536 04/09/07 13:47:44 [Note]: 4018 11708 65536 04/09/07 13:47:52 [Note]: 4020 11708 65536 04/09/07 13:47:52 [Note]: 4018 11708 65536 04/09/07 13:48:01 [Note]: 4020 11708 65536 04/09/07 13:48:01 [Note]: 4018 11708 65536 04/09/07 13:48:10 [Note]: 4020 11708 65536 04/09/07 13:48:10 [Note]: 4018 11708 65536 04/09/07 13:48:18 [Note]: 4020 11708 65536 04/09/07 13:48:18 [Note]: 4018 11708 65536 04/09/07 13:48:27 [Note]: 4020 11708 65536 04/09/07 13:48:27 [Note]: 4018 11708 65536 04/09/07 13:48:37 [Note]: 4020 11708 65536 04/09/07 13:48:37 [Note]: 4018 11708 65536 04/09/07 13:48:46 [Note]: 4020 11708 65536 04/09/07 13:48:46 [Note]: 4018 11708 65536 04/09/07 13:48:55 [Note]: 4020 11708 65536 04/09/07 13:48:55 [Note]: 4018 11708 65536 04/09/07 13:49:04 [Note]: 4020 11708 65536 04/09/07 13:49:04 [Note]: 4018 11708 65536 04/09/07 13:49:13 [Note]: 4020 11708 65536 04/09/07 13:49:13 [Note]: 4018 11708 65536 04/09/07 13:49:22 [Note]: 4020 11708 65536 04/09/07 13:49:22 [Note]: 4018 11708 65536 04/09/07 13:49:31 [Note]: 4020 11708 65536 04/09/07 13:49:31 [Note]: 4018 11708 65536 04/09/07 13:49:41 [Note]: 4020 11708 65536 04/09/07 13:49:41 [Note]: 4018 11708 65536 04/09/07 13:49:50 [Note]: 4020 11708 65536 04/09/07 13:49:50 [Note]: 4018 11708 65536 04/09/07 13:49:59 [Note]: 4020 11708 65536 04/09/07 13:49:59 [Note]: 4018 11708 65536 04/09/07 13:50:09 [Note]: 4020 11708 65536 04/09/07 13:50:09 [Note]: 4018 11708 65536 04/09/07 13:50:18 [Note]: 4020 11708 65536 04/09/07 13:50:18 [Note]: 4018 11708 65536 04/09/07 13:50:26 [Note]: 4020 11708 65536 04/09/07 13:50:26 [Note]: 4018 11708 65536 04/09/07 13:50:37 [Note]: 4020 11708 65536 04/09/07 13:50:37 [Note]: 4018 11708 65536 04/09/07 13:50:46 [Note]: 4020 11708 65536 04/09/07 13:50:46 [Note]: 4018 11708 65536 04/09/07 13:50:55 [Note]: 4020 11708 65536 04/09/07 13:50:55 [Note]: 4018 11708 65536 04/09/07 13:51:03 [Note]: 4020 11708 65536 04/09/07 13:51:03 [Note]: 4018 11708 65536 04/09/07 13:51:12 [Note]: 4020 11708 65536 04/09/07 13:51:12 [Note]: 4018 11708 65536 04/09/07 13:51:21 [Note]: 4020 11708 65536 04/09/07 13:51:21 [Note]: 4018 11708 65536 04/09/07 13:51:31 [Note]: 4020 11708 65536 04/09/07 13:51:31 [Note]: 4018 11708 65536 04/09/07 13:51:40 [Note]: 4020 11708 65536 04/09/07 13:51:40 [Note]: 4018 11708 65536 04/09/07 13:51:49 [Note]: 4020 11708 65536 04/09/07 13:51:49 [Note]: 4018 11708 65536 04/09/07 13:51:58 [Note]: 4020 11708 65536 04/09/07 13:51:58 [Note]: 4018 11708 65536 04/09/07 13:52:07 [Note]: 4020 11708 65536 04/09/07 13:52:07 [Note]: 4018 11708 65536 04/09/07 13:52:17 [Note]: 4020 11708 65536 04/09/07 13:52:17 [Note]: 4018 11708 65536 04/09/07 13:52:26 [Note]: 4020 11708 65536 04/09/07 13:52:26 [Note]: 4018 11708 65536 04/09/07 13:52:35 [Note]: 4020 11708 65536 04/09/07 13:52:35 [Note]: 4018 11708 65536 04/09/07 13:52:43 [Note]: 4020 11708 65536 04/09/07 13:52:43 [Note]: 4018 11708 65536 04/09/07 13:52:53 [Note]: 4020 11708 65536 04/09/07 13:52:53 [Note]: 4018 11708 65536 04/09/07 13:53:03 [Note]: 4020 11708 65536 04/09/07 13:53:03 [Note]: 4018 11708 65536 04/09/07 13:53:12 [Note]: 4020 11708 65536 04/09/07 13:53:12 [Note]: 4018 11708 65536 04/09/07 13:53:21 [Note]: 4020 11708 65536 04/09/07 13:53:21 [Note]: 4018 11708 65536 04/09/07 13:53:30 [Note]: 4020 11708 65536 04/09/07 13:53:30 [Note]: 4018 11708 65536 04/09/07 13:53:39 [Note]: 4020 11708 65536 04/09/07 13:53:39 [Note]: 4018 11708 65536 04/09/07 13:53:49 [Note]: 4020 11708 65536 04/09/07 13:53:49 [Note]: 4018 11708 65536 04/09/07 13:53:59 [Note]: 4020 11708 65536 04/09/07 13:53:59 [Note]: 4018 11708 65536 04/09/07 13:54:08 [Note]: 4020 11708 65536 04/09/07 13:54:08 [Note]: 4018 11708 65536 04/09/07 13:54:17 [Note]: 4020 11708 65536 04/09/07 13:54:17 [Note]: 4018 11708 65536 04/09/07 13:54:29 [Note]: 4020 11708 65536 04/09/07 13:54:29 [Note]: 4018 11708 65536 04/09/07 13:54:38 [Note]: 4020 11708 65536 04/09/07 13:54:38 [Note]: 4018 11708 65536 04/09/07 13:54:47 [Note]: 4020 11708 65536 04/09/07 13:54:47 [Note]: 4018 11708 65536 04/09/07 13:54:56 [Note]: 4020 11708 65536 04/09/07 13:54:56 [Note]: 4018 11708 65536 04/09/07 13:55:08 [Note]: 4020 11708 65536 04/09/07 13:55:08 [Note]: 4018 11708 65536 04/09/07 13:55:18 [Note]: 4020 11708 65536 04/09/07 13:55:18 [Note]: 4018 11708 65536 04/09/07 13:55:28 [Note]: 4020 11708 65536 04/09/07 13:55:28 [Note]: 4018 11708 65536 04/09/07 13:55:38 [Note]: 4020 11708 65536 04/09/07 13:55:38 [Note]: 4018 11708 65536 04/09/07 13:55:48 [Note]: 4020 11708 65536 04/09/07 13:55:48 [Note]: 4018 11708 65536 04/09/07 13:55:58 [Note]: 4020 11708 65536 04/09/07 13:55:58 [Note]: 4018 11708 65536 04/09/07 13:56:10 [Note]: 4020 11708 65536 04/09/07 13:56:10 [Note]: 4018 11708 65536 04/09/07 13:56:20 [Note]: 4020 11708 65536 04/09/07 13:56:20 [Note]: 4018 11708 65536 04/09/07 13:56:30 [Note]: 4020 11708 65536 04/09/07 13:56:30 [Note]: 4018 11708 65536 04/09/07 13:56:39 [Note]: 4020 11708 65536 04/09/07 13:56:39 [Note]: 4018 11708 65536 04/09/07 13:56:48 [Note]: 4020 11708 65536 04/09/07 13:56:48 [Note]: 4018 11708 65536 04/09/07 13:56:58 [Note]: 4020 11708 65536 04/09/07 13:56:58 [Note]: 4018 11708 65536 04/09/07 13:57:08 [Note]: 4020 11708 65536 04/09/07 13:57:08 [Note]: 4018 11708 65536 04/09/07 13:57:17 [Note]: 4020 11708 65536 04/09/07 13:57:17 [Note]: 4018 11708 65536 04/09/07 13:57:27 [Note]: 4020 11708 65536 04/09/07 13:57:27 [Note]: 4018 11708 65536 04/09/07 13:57:35 [Note]: 4020 11708 65536 04/09/07 13:57:35 [Note]: 4018 11708 65536 04/09/07 13:57:46 [Note]: 4020 11708 65536 04/09/07 13:57:46 [Note]: 4018 11708 65536 04/09/07 13:57:55 [Note]: 4020 11708 65536 04/09/07 13:57:55 [Note]: 4018 11708 65536 04/09/07 13:58:04 [Note]: 4020 11708 65536 04/09/07 13:58:04 [Note]: 4018 11708 65536 04/09/07 13:58:13 [Note]: 4020 11708 65536 04/09/07 13:58:13 [Note]: 4018 11708 65536 04/09/07 13:58:22 [Note]: 4020 11708 65536 04/09/07 13:58:22 [Note]: 4018 11708 65536 04/09/07 13:58:32 [Note]: 4020 11708 65536 04/09/07 13:58:32 [Note]: 4018 11708 65536 04/09/07 13:58:42 [Note]: 4020 11708 65536 04/09/07 13:58:42 [Note]: 4018 11708 65536 04/09/07 13:58:53 [Note]: 4020 11708 65536 04/09/07 13:58:53 [Note]: 4018 11708 65536 04/09/07 13:59:03 [Note]: 4020 11708 65536 04/09/07 13:59:03 [Note]: 4018 11708 65536 04/09/07 13:59:12 [Note]: 4020 11708 65536 04/09/07 13:59:12 [Note]: 4018 11708 65536 04/09/07 13:59:21 [Note]: 4020 11708 65536 04/09/07 13:59:21 [Note]: 4018 11708 65536 04/09/07 13:59:29 [Note]: 4020 11726 65536 04/09/07 13:59:29 [Note]: 4018 11726 65536 04/09/07 13:59:36 [Note]: 4020 11708 65536 04/09/07 13:59:36 [Note]: 4018 11708 65536 04/09/07 13:59:45 [Note]: 4020 11708 65536 04/09/07 13:59:45 [Note]: 4018 11708 65536 04/09/07 13:59:53 [Note]: 4020 11708 65536 04/09/07 13:59:53 [Note]: 4018 11708 65536 04/09/07 14:00:01 [Note]: 4020 11708 65536 04/09/07 14:00:01 [Note]: 4018 11708 65536 04/09/07 14:00:09 [Note]: 4020 11708 65536 04/09/07 14:00:09 [Note]: 4018 11708 65536 04/09/07 14:00:19 [Note]: 4020 11708 65536 04/09/07 14:00:19 [Note]: 4018 11708 65536 04/09/07 14:00:29 [Note]: 4020 11708 65536 04/09/07 14:00:29 [Note]: 4018 11708 65536 04/09/07 14:00:40 [Note]: 4020 11708 65536 04/09/07 14:00:40 [Note]: 4018 11708 65536 04/09/07 14:00:50 [Note]: 4020 11708 65536 04/09/07 14:00:50 [Note]: 4018 11708 65536 04/09/07 14:00:59 [Note]: 4020 11708 65536 04/09/07 14:00:59 [Note]: 4018 11708 65536 04/09/07 14:01:13 [Note]: 4020 11708 65536 04/09/07 14:01:13 [Note]: 4018 11708 65536 04/09/07 14:01:26 [Note]: 4020 11708 65536 04/09/07 14:01:26 [Note]: 4018 11708 65536 04/09/07 14:01:38 [Note]: 4020 11708 65536 04/09/07 14:01:38 [Note]: 4018 11708 65536 04/09/07 14:01:48 [Note]: 4020 11708 65536 04/09/07 14:01:48 [Note]: 4018 11708 65536 04/09/07 14:02:04 [Note]: 4020 11708 65536 04/09/07 14:02:04 [Note]: 4018 11708 65536 04/09/07 14:02:20 [Note]: 4020 11708 65536 04/09/07 14:02:20 [Note]: 4018 11708 65536 04/09/07 14:02:34 [Note]: 4020 11708 65536 04/09/07 14:02:34 [Note]: 4018 11708 65536 04/09/07 14:02:48 [Note]: 4020 11708 65536 04/09/07 14:02:48 [Note]: 4018 11708 65536 04/09/07 14:03:03 [Note]: 4020 11708 65536 04/09/07 14:03:03 [Note]: 4018 11708 65536 04/09/07 14:03:21 [Note]: 4020 11708 65536 04/09/07 14:03:21 [Note]: 4018 11708 65536 04/09/07 14:03:38 [Note]: 4020 11708 65536 04/09/07 14:03:38 [Note]: 4018 11708 65536 04/09/07 14:03:55 [Note]: 4020 11708 65536 04/09/07 14:03:55 [Note]: 4018 11708 65536 04/09/07 14:04:11 [Note]: 4020 11708 65536 04/09/07 14:04:11 [Note]: 4018 11708 65536 04/09/07 14:04:28 [Note]: 4020 11708 65536 04/09/07 14:04:28 [Note]: 4018 11708 65536 04/09/07 14:04:44 [Note]: 4020 11708 65536 04/09/07 14:04:44 [Note]: 4018 11708 65536 04/09/07 14:05:00 [Note]: 4020 11708 65536 04/09/07 14:05:00 [Note]: 4018 11708 65536 04/09/07 14:05:12 [Note]: 4020 11708 65536 04/09/07 14:05:12 [Note]: 4018 11708 65536 04/09/07 14:05:22 [Note]: 4020 11708 65536 04/09/07 14:05:22 [Note]: 4018 11708 65536 04/09/07 14:05:40 [Note]: 4020 11708 65536 04/09/07 14:05:40 [Note]: 4018 11708 65536 04/09/07 14:05:49 [Note]: 4020 11708 65536 04/09/07 14:05:49 [Note]: 4018 11708 65536 04/09/07 14:06:02 [Note]: 4020 11708 65536 04/09/07 14:06:02 [Note]: 4018 11708 65536 04/09/07 14:06:14 [Note]: 4020 11708 65536 04/09/07 14:06:14 [Note]: 4018 11708 65536 04/09/07 14:06:25 [Note]: 4020 11708 65536 04/09/07 14:06:25 [Note]: 4018 11708 65536 04/09/07 14:06:41 [Note]: 4020 11708 65536 04/09/07 14:06:41 [Note]: 4018 11708 65536 04/09/07 14:06:57 [Note]: 4020 11708 65536 04/09/07 14:06:57 [Note]: 4018 11708 65536 04/09/07 14:07:13 [Note]: 4020 11708 65536 04/09/07 14:07:13 [Note]: 4018 11708 65536 04/09/07 14:07:29 [Note]: 4020 11708 65536 04/09/07 14:07:29 [Note]: 4018 11708 65536 04/09/07 14:07:46 [Note]: 4020 11708 65536 04/09/07 14:07:46 [Note]: 4018 11708 65536 04/09/07 14:08:03 [Note]: 4020 11708 65536 04/09/07 14:08:03 [Note]: 4018 11708 65536 04/09/07 14:08:11 [Note]: 4020 11708 65536 04/09/07 14:08:11 [Note]: 4018 11708 65536 04/09/07 14:08:19 [Note]: 4020 11708 65536 04/09/07 14:08:19 [Note]: 4018 11708 65536 04/09/07 14:09:23 [Note]: 7007 0
  8. chris67380
    Sur zonealarm, ce fichier se situe sur c:\WINDOWS\system32\hnfbtus.exe mais je ne le vois pas physiquement dans ce dossier... merci
  9. chris67380
    voici la totalité du rapport (scan ultra rapide...) "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "NBJ" = ""C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"] "ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "WMPNSCFG" = "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "BluetoothAuthenticationAgent" = "rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" [MS] "ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "LaunchAp" = "C:\Program Files\Launch Manager\LaunchAp.exe" [empty string] "HotkeyApp" = "C:\Program Files\Launch Manager\HotkeyApp.exe" ["Wistron"] "LMgrOSD" = "C:\Program Files\Launch Manager\OSD.exe" ["Wistron"] "Wbutton" = ""C:\Program Files\Launch Manager\Wbutton.exe"" [empty string] "CtrlVol" = "C:\Program Files\Launch Manager\CtrlVol.exe" ["Wistron"] "SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."] "SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."] "AGRSMMSG" = "AGRSMMSG.exe" ["Agere Systems"] "AVManager" = ""C:\Program Files\Wistron\AVManager\AVManager.exe"" ["Wistron Corporation"] "AOLSAV" = "C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" ["TechCity Solutions France"] "SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"" ["Sun Microsystems, Inc."] "RemoteControl" = ""C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."] "PCMService" = ""C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"" ["CyberLink Corp."] "NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "mmtask" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" ["Musicmatch Inc."] "avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data] "TkBellExe" = ""C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."] "iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Inc."] "ZoneAlarm Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll" ["Sun Microsystems, Inc."] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."] {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Toolbar Helper" \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration" -> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."] "{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places" -> {HKLM...CLSID} = "Favoris Bluetooth" \InProcServer32\(Default) = "C:\WINDOWS\system32\btneighborhood.dll" ["Broadcom Corporation."] "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS] "{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Périphériques Plug and Play universels" -> {HKLM...CLSID} = "Périphériques Plug and Play universels" \InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS] "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] "{A155339D-CCCD-4714-85EB-3754B804C9DF}" = "a-squared Free Context Menu Shell Extension" -> {HKLM...CLSID} = "a-squared Free Context Menu" \InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL" ["Emsi Software GmbH"] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS] "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes" -> {HKLM...CLSID} = "iTunes" \InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Inc."] "{D9872D13-7651-4471-9EEE-F0A00218BEBB}" = "Multiscan" -> {HKLM...CLSID} = "ZLAVShExt Class" \InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."] HKLM\Software\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}" -> {HKLM...CLSID} = "ZLAVShExt Class" \InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ a2FreeContMenu\(Default) = "{A155339D-CCCD-4714-85EB-3754B804C9DF}" -> {HKLM...CLSID} = "a-squared Free Context Menu" \InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL" ["Emsi Software GmbH"] avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}" -> {HKLM...CLSID} = "avast" \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"] ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}" -> {HKLM...CLSID} = "ZLAVShExt Class" \InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"] HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ a2FreeContMenu\(Default) = "{A155339D-CCCD-4714-85EB-3754B804C9DF}" -> {HKLM...CLSID} = "a-squared Free Context Menu" \InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2FREE~1.DLL" ["Emsi Software GmbH"] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Chris R\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\WINDOWS\system32\ssmypics.scr" [MS] Startup items in "Chris R" & "All Users" startup folders: --------------------------------------------------------- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage "Adobe Gamma Loader.exe" -> shortcut to: "C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."] "BTTray" -> shortcut to: "C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe" ["Broadcom Corporation."] "Lancement rapide d'Adobe Reader" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"] Enabled Scheduled Tasks: ------------------------ "AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."] "Vérifier les mises à jour de Windows Live Toolbar" -> launches: "C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE" [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000004\LibraryPath = "%SystemRoot%\system32\wshbth.dll" [MS] 000000000005\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 05, 08 - 44 %SystemRoot%\system32\rsvpsp.dll [MS], 06 - 07 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."] "{4982D40A-C53B-4615-B15B-B5B5E98D167C}" -> {HKLM...CLSID} = "AOL Toolbar" \InProcServer32\(Default) = "C:\Program Files\AOL Toolbar\toolbar.dll" ["IE Toolbar"] "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" -> {HKLM...CLSID} = "Windows Live Toolbar" \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{4982D40A-C53B-4615-B15B-B5B5E98D167C}" = (no title provided) -> {HKLM...CLSID} = "AOL Toolbar" \InProcServer32\(Default) = "C:\Program Files\AOL Toolbar\toolbar.dll" ["IE Toolbar"] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."] "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = (no title provided) -> {HKLM...CLSID} = "Windows Live Toolbar" \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.5.0_11" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.5.0_11" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll" ["Sun Microsystems, Inc."] {4982D40A-C53B-4615-B15B-B5B5E98D167C}\ "ButtonText" = "AOL Toolbar" "MenuText" = "AOL Toolbar" {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ "ButtonText" = "Recherche" {B205A35E-1FC4-4CE3-818B-899DBBB3388C}\ {CCA281CA-C863-46EF-9331-5C8D4460577F}\ "ButtonText" = "@btrez.dll,-4015" "MenuText" = "@btrez.dll,-4017" "Script" = "C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm" [null data] {E2E2DD38-D088-4134-82B7-F2BA38496583}\ "MenuText" = "@xpsp3res.dll,-20001" "Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS] {FB5F1910-F110-11D2-BB9E-00C04F795683}\ "ButtonText" = "Messenger" "MenuText" = "Windows Messenger" "Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ AOL Connectivity Service, AOL ACS, "C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe" ["America Online, Inc."] Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."] avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data] avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data] avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"] avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"] Bluetooth Service, btwdins, "C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe" ["Broadcom Corporation."] Bluetooth Support Service, BthServ, "C:\WINDOWS\system32\svchost.exe -k bthsvcs" {"C:\WINDOWS\System32\bthserv.dll" [MS]} CyberLink Background Capture Service (CBCS), CLCapSvc, ""C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe"" [empty string] CyberLink Media Library Service, CyberLink Media Library Service, ""C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe"" ["Cyberlink"] CyberLink Task Scheduler (CTS), CLSched, ""C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe"" [empty string] Machine Debug Manager, MDM, ""C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe"" [MS] Service de l'iPod, iPod Service, ""C:\Program Files\iPod\bin\iPodService.exe"" ["Apple Inc."] Service Partage réseau du Lecteur Windows Media, WMPNetworkSvc, ""C:\Program Files\Windows Media Player\WMPNetwk.exe"" [MS] TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs, LLC"] X10 Device Network Service, x10nets, "C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe" ["X10"] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS] Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS] PDFCreator\Driver = "pdfcmnnt.dll" [null data] Port imprimante Bluetooth\Driver = "bthcrp.dll" ["Broadcom Corporation."] ---------- <<!>>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 44 seconds, including 18 seconds for message boxes)
  10. chris67380
    Merci Bruce lee ! Voici le rapport demandé : Search Navipromo version 1.1.3 commencé le 09/04/2007 à 11:40:34,95 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Documents and Settings\Chris R\Bureau Mise a jour le 31.03.2007 a 08h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\Chris R\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR ====================================== Copyright 2005-2006 F-Secure Corporation. All rights reserved. This is a beta version. It will expire on 1st of April, 2007. Version information: 2.2.1061. [+] Started on 04/09/07 at 11:40:36. [+] Initializing ... [+] Starting scan, press Ctrl-C to abort. [+] Scanning for hidden items ............................................................................................................................................................................................................................. [+] Scan complete. [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming. [+] Exited on 04/09/07 at 12:07:35 (return code = 0). *** Recherche fichiers *** *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * ** *** **** ***** ****** ******* ******** *** Analyse Terminé le 09/04/2007 à 12:07:53,51 *** Bon lundi de Pâques !
  11. chris67380
    J'ai détecté un fichier douteux nommé hnfbtus.exe sur zonealarm et je n'ai rien trouvé sur google ! Ca ressemble a ce que j'ai déjà eu malheureusement et je joins a ce post un rapport HijackThis ! D'avance merci si une nouvelle fois vous pouvez m'aider.. Chris. Logfile of HijackThis v1.99.1 Scan saved at 00:34:33, on 09/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Wistron\AVManager\AVManager.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AVManager] "C:\Program Files\Wistron\AVManager\AVManager.exe" O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106233521554 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37880.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
  12. chris67380
    OK merci beacuoup, je vais signaler mon infection sur le forum ! Merci en tout cas, vous m'avez enlevé une belle épine du pied ! Bonne nuit ! Chris
  13. chris67380
    J'ai fait DiagHelp mais un message s'affiche en disant "le système ne peut trouver le fichier tmp3.txt" puis le rapport resultat.txt s'affiche ! En voici le contenu : C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:13 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58 C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 20:00:00 C:\WINDOWS\System32/drivers\WudfRd.sys -->28/09/2006 19:00:34 C:\WINDOWS\WindowsUpdate.log -->08/03/2007 22:49:52 C:\WINDOWS\ModemLog_Creatix 2.0 AC'97 Modem.txt -->08/03/2007 22:47:02 C:\WINDOWS\wiadebug.log -->08/03/2007 22:47:00 C:\WINDOWS\wiaservc.log -->08/03/2007 22:46:57 C:\WINDOWS.log -->08/03/2007 22:46:29 C:\WINDOWS\bootstat.dat -->08/03/2007 22:46:26 C:\WINDOWS\SchedLgU.Txt -->08/03/2007 02:17:47 C:\WINDOWS\setupapi.log -->08/03/2007 02:01:37 C:\WINDOWS\NeroDigital.ini -->06/03/2007 21:36:31 C:\WINDOWS\QTFont.qfn -->03/03/2007 23:27:01 C:\WINDOWS\QTFont.for -->02/03/2007 15:07:45 C:\WINDOWS\win.ini -->25/02/2007 14:55:20 C:\WINDOWS\system.ini -->25/02/2007 14:55:20 C:\WINDOWS\WMSysPr9.prx -->06/01/2007 23:55:23 C:\WINDOWS\UD.SCR -->07/12/2006 23:43:38 C:\WINDOWS\agrsmdel.exe |12/01/2005 14:11:50 C:\WINDOWS\AGRSMMSG.exe |12/01/2005 14:11:50 C:\WINDOWS\alcrmv.exe |20/01/2005 15:21:32 C:\WINDOWS\alcupd.exe |20/01/2005 15:21:32 C:\WINDOWS\IsUn040c.exe |19/01/2005 21:57:02 C:\WINDOWS\ISUN16.EXE |10/03/2006 10:03:01 C:\WINDOWS\IsUninst.exe |14/06/2006 20:58:05 C:\WINDOWS\SOUNDMAN.EXE |20/01/2005 15:21:35 C:\WINDOWS\twunk_16.exe |20/01/2005 05:26:05 C:\WINDOWS\twunk_32.exe |20/01/2005 05:26:05 C:\WINDOWS\UN160407.EXE |27/03/2005 20:05:21 C:\WINDOWS\unin0407.exe |27/03/2005 20:07:31 C:\WINDOWS\unin040c.exe |08/09/2005 18:58:00 C:\WINDOWS\UninstallFirefox.exe |15/11/2005 01:45:03 C:\WINDOWS\UNNeroVision.exe |20/01/2005 18:42:49 C:\WINDOWS\unvise32qt.exe |21/01/2005 08:00:59 C:\WINDOWS\Unwise.exe |20/01/2005 16:01:15 C:\WINDOWS\ade.dll |08/09/2005 18:59:24 C:\WINDOWS\SlantAdj.dll |08/09/2005 18:59:24 C:\WINDOWS\twain.dll |20/01/2005 05:26:05 C:\WINDOWS\twain_32.dll |20/01/2005 05:26:05 C:\WINDOWS\system32\append.exe |20/01/2005 05:25:41 C:\WINDOWS\system32\aswBoot.exe |22/02/2006 09:00:45 C:\WINDOWS\system32\ati2evxx.exe |12/01/2005 14:11:33 C:\WINDOWS\system32\Ati2mdxx.exe |12/01/2005 14:11:33 C:\WINDOWS\system32\ChCfg.exe |20/01/2005 15:21:35 C:\WINDOWS\system32\debug.exe |20/01/2005 05:25:43 C:\WINDOWS\system32\dosx.exe |20/01/2005 05:25:44 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe |20/01/2005 05:25:49 C:\WINDOWS\system32\exe2bin.exe |20/01/2005 05:25:49 C:\WINDOWS\system32\fastopen.exe |20/01/2005 05:25:49 C:\WINDOWS\system32\HPZinw12.exe |14/06/2006 20:58:06 C:\WINDOWS\system32\HPZipm12.exe |14/06/2006 20:58:06 C:\WINDOWS\system32\java.exe |07/12/2005 20:31:46 C:\WINDOWS\system32\javaw.exe |07/12/2005 20:31:46 C:\WINDOWS\system32\javaws.exe |07/12/2005 20:31:46 C:\WINDOWS\system32\mem.exe |20/01/2005 05:25:53 C:\WINDOWS\system32\mscdexnt.exe |20/01/2005 05:25:53 C:\WINDOWS\system32\NeroCheck.exe |20/01/2005 18:39:43 C:\WINDOWS\system32\nlsfunc.exe |20/01/2005 05:25:55 C:\WINDOWS\system32\redir.exe |20/01/2005 05:26:00 C:\WINDOWS\system32\RTLCPL.EXE |20/01/2005 15:21:33 C:\WINDOWS\system32\setver.exe |20/01/2005 05:26:00 C:\WINDOWS\system32\share.exe |20/01/2005 05:26:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\34CoInstaller.dll |12/01/2005 14:11:48 C:\WINDOWS\system32\amstream.dll |20/01/2005 05:25:41 C:\WINDOWS\system32\AOLDial.dll |21/01/2005 08:00:10 C:\WINDOWS\system32\ati2cqag.dll |12/01/2005 14:11:32 C:\WINDOWS\system32\ati2dvag.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ati2edxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ati2evxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ati3duag.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ATIDDC.DLL |12/01/2005 14:11:33 C:\WINDOWS\system32\ATIDEMGR.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\atiiiexx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\atioglxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\atipdlxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\atitvo32.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ativcoxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\ativvaxx.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\atmfd.dll |20/01/2005 05:25:41 C:\WINDOWS\system32\atmlib.dll |20/01/2005 05:25:41 C:\WINDOWS\system32\bt2k_ins.dll |29/11/2004 19:32:56 C:\WINDOWS\system32\BtAudioHelper.dll |29/11/2004 19:38:04 C:\WINDOWS\system32\btbigbmp.dll |29/11/2004 19:37:46 C:\WINDOWS\system32\btbip.dll |29/11/2004 19:56:42 C:\WINDOWS\system32\btcss.dll |29/11/2004 19:50:26 C:\WINDOWS\system32\btdev.dll |29/11/2004 19:33:06 C:\WINDOWS\system32\bthcrp.dll |29/11/2004 19:42:36 C:\WINDOWS\system32\bthcrpui.dll |29/11/2004 19:43:24 C:\WINDOWS\system32\btins.dll |29/11/2004 19:32:46 C:\WINDOWS\system32\BTNCopy.dll |29/11/2004 19:31:26 C:\WINDOWS\system32\BTNeighborhood.dll |29/11/2004 19:52:38 C:\WINDOWS\system32\btosif.dll |29/11/2004 19:41:58 C:\WINDOWS\system32\btosif_notes.dll |29/11/2004 19:42:40 C:\WINDOWS\system32\btosif_ol.dll |29/11/2004 19:42:56 C:\WINDOWS\system32\btosif_olx.dll |29/11/2004 19:45:16 C:\WINDOWS\system32\btprn2k.dll |29/11/2004 19:44:04 C:\WINDOWS\system32\btrez.dll |29/11/2004 19:33:48 C:\WINDOWS\system32\btrezxp.dll |29/11/2004 19:31:24 C:\WINDOWS\system32\btsec.dll |29/11/2004 19:50:32 C:\WINDOWS\system32\btsendto.dll |29/11/2004 19:45:06 C:\WINDOWS\system32\btsendto_ie.dll |29/11/2004 19:49:20 C:\WINDOWS\system32\btsendto_notes.dll |29/11/2004 19:45:50 C:\WINDOWS\system32\btsendto_office.dll |29/11/2004 19:48:02 C:\WINDOWS\system32\btsendto_wab.dll |29/11/2004 19:48:14 C:\WINDOWS\system32\btwhidcs.dll |29/11/2004 19:54:38 C:\WINDOWS\system32\BtWiaExt.dll |29/11/2004 19:58:34 C:\WINDOWS\system32\BtWizard.dll |29/11/2004 19:53:28 C:\WINDOWS\system32\btwpimif.dll |29/11/2004 19:43:08 C:\WINDOWS\system32\btw_ci.dll |29/11/2004 19:46:00 C:\WINDOWS\system32\BTXPPanel.dll |29/11/2004 19:37:54 C:\WINDOWS\system32\BtXpShell.dll |29/11/2004 19:37:58 C:\WINDOWS\system32\CmdLineExt03.dll |12/03/2005 16:46:57 C:\WINDOWS\system32\compatUI.dll |20/01/2005 05:25:41 C:\WINDOWS\system32\CSH.DLL |17/09/2004 12:55:20 C:\WINDOWS\system32\dgrpsetu.dll |19/01/2005 22:32:48 C:\WINDOWS\system32\dgsetup.dll |19/01/2005 22:32:48 C:\WINDOWS\system32\DivX.dll |01/10/2004 19:23:08 C:\WINDOWS\system32\divxdec_0407.dll |28/09/2004 22:53:54 C:\WINDOWS\system32\divxdec_040c.dll |28/09/2004 22:53:54 C:\WINDOWS\system32\divxdec_0411.dll |01/10/2004 19:23:04 C:\WINDOWS\system32\divx_xx07.dll |28/09/2004 22:53:53 C:\WINDOWS\system32\divx_xx0c.dll |28/09/2004 22:53:53 C:\WINDOWS\system32\divx_xx11.dll |01/10/2004 19:23:04 C:\WINDOWS\system32\dpu10.dll |28/09/2004 22:54:28 C:\WINDOWS\system32\dpuGUI10.dll |28/09/2004 22:54:28 C:\WINDOWS\system32\dpus10.dll |28/09/2004 22:54:28 C:\WINDOWS\system32\dpv10.dll |28/09/2004 22:54:29 C:\WINDOWS\system32\encdec.dll |20/01/2005 05:25:49 C:\WINDOWS\system32\Epcomdd.dll |08/09/2005 18:34:48 C:\WINDOWS\system32\Epfb5cpl.dll |08/09/2005 18:34:49 C:\WINDOWS\system32\EqnClass.Dll |19/01/2005 22:32:48 C:\WINDOWS\system32\ESDTR.dll |08/09/2005 18:34:48 C:\WINDOWS\system32\ESICM.dll |08/09/2005 18:34:48 C:\WINDOWS\system32\Esintpl.dll |08/09/2005 18:34:48 C:\WINDOWS\system32\essisc1.dll |08/09/2005 18:34:49 C:\WINDOWS\system32\essiscsi.dll |08/09/2005 18:34:49 C:\WINDOWS\system32\hpgwiamd.dll |21/06/2004 12:50:28 C:\WINDOWS\system32\HPZc3212.dll |14/06/2006 20:53:44 C:\WINDOWS\system32\hpzcoi10.dll |21/06/2004 12:50:16 C:\WINDOWS\system32\hpzcon10.dll |21/06/2004 12:50:12 C:\WINDOWS\system32\HPZidr12.dll |14/06/2006 20:58:06 C:\WINDOWS\system32\HPZipr12.dll |14/06/2006 20:58:06 C:\WINDOWS\system32\HPZipt12.dll |14/06/2006 20:58:06 C:\WINDOWS\system32\HPZisn12.dll |14/06/2006 20:58:06 C:\WINDOWS\system32\hticons.dll |19/01/2005 21:36:22 C:\WINDOWS\system32\hypertrm.dll |19/01/2005 21:36:16 C:\WINDOWS\system32\iccvid.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\ImagX7.dll |20/01/2005 18:39:43 C:\WINDOWS\system32\ImagXpr7.dll |20/01/2005 18:39:43 C:\WINDOWS\system32\ImagXR7.dll |20/01/2005 18:39:43 C:\WINDOWS\system32\ImagXRA7.dll |20/01/2005 18:39:43 C:\WINDOWS\system32\Inetwh32.dll |21/01/2005 08:00:30 C:\WINDOWS\system32\ir32_32.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\ir41_qc.dll |20/01/2005 05:26:13 C:\WINDOWS\system32\ir41_qcx.dll |20/01/2005 05:26:13 C:\WINDOWS\system32\ir50_32.dll |20/01/2005 05:26:13 C:\WINDOWS\system32\ir50_qc.dll |20/01/2005 05:26:13 C:\WINDOWS\system32\ir50_qcx.dll |20/01/2005 05:26:13 C:\WINDOWS\system32\isrdbg32.dll |19/01/2005 21:37:18 C:\WINDOWS\system32\jgaw400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\jgdw400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\jgdwmie.dll |21/01/2005 08:00:31 C:\WINDOWS\system32\jgmd400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\jgpl400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\jgsd400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\jgsh400.dll |20/01/2005 05:25:51 C:\WINDOWS\system32\lcppn21.dll |14/11/2001 12:56:00 C:\WINDOWS\system32\lfbmp11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfbmp13n.dll |19/05/2004 09:55:44 C:\WINDOWS\system32\LFCMP11n.DLL |07/06/2002 01:02:00 C:\WINDOWS\system32\LFCMP13n.DLL |19/05/2004 09:55:58 C:\WINDOWS\system32\lfeps11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfeps13n.dll |19/05/2004 09:56:04 C:\WINDOWS\system32\lffax11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lffax13n.dll |19/05/2004 09:56:08 C:\WINDOWS\system32\lfgif11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfgif13n.dll |19/05/2004 09:56:12 C:\WINDOWS\system32\lfpcd11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfpcd13n.dll |19/05/2004 09:56:14 C:\WINDOWS\system32\lfpcx11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfpcx13n.dll |19/05/2004 09:56:16 C:\WINDOWS\system32\Lfpng11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\Lfpng13n.dll |19/05/2004 09:56:22 C:\WINDOWS\system32\lfpsd11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfpsd13n.dll |19/05/2004 09:56:26 C:\WINDOWS\system32\lftga11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lftga13n.dll |19/05/2004 09:56:26 C:\WINDOWS\system32\lftif11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lftif13n.dll |19/05/2004 09:56:32 C:\WINDOWS\system32\lfwmf11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\lfwmf13n.dll |19/05/2004 09:56:36 C:\WINDOWS\system32\libeay32_0.9.6l.dll |05/09/2006 22:36:35 C:\WINDOWS\system32\Ltclr13n.dll |19/05/2004 09:57:00 C:\WINDOWS\system32\LTDIS11n.dll |07/06/2002 01:02:00 C:\WINDOWS\system32\LTDIS13n.dll |19/05/2004 09:57:36 C:\WINDOWS\system32\ltefx13n.DLL |19/05/2004 09:57:42 C:\WINDOWS\system32\ltfil11n.DLL |07/06/2002 01:02:00 C:\WINDOWS\system32\ltfil13n.DLL |19/05/2004 09:57:52 C:\WINDOWS\system32\ltimg11n.dll |07/06/2002 01:02:02 C:\WINDOWS\system32\ltimg13n.dll |19/05/2004 09:58:04 C:\WINDOWS\system32\ltkrn11n.dll |07/06/2002 01:02:02 C:\WINDOWS\system32\ltkrn13n.dll |19/05/2004 09:58:26 C:\WINDOWS\system32\Ltwvc11n.dll |07/06/2002 01:02:02 C:\WINDOWS\system32\Ltwvc13n.dll |19/05/2004 09:58:58 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06 C:\WINDOWS\system32\midas.dll |09/08/2002 13:00:00 C:\WINDOWS\system32\msdmo.dll |20/01/2005 05:25:54 C:\WINDOWS\system32\msencode.dll |20/01/2005 05:25:54 C:\WINDOWS\system32\Oemdspif.dll |12/01/2005 14:11:33 C:\WINDOWS\system32\Packet.dll |09/05/2006 16:57:30 C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |07/06/2002 01:02:02 C:\WINDOWS\system32\pdfcmnnt.dll |20/05/2006 09:14:07 C:\WINDOWS\system32\picn20.dll |20/01/2005 18:42:29 C:\WINDOWS\system32\pncrt.dll |21/01/2005 07:55:03 C:\WINDOWS\system32\pndx5016.dll |21/01/2005 07:55:03 C:\WINDOWS\system32\pndx5032.dll |21/01/2005 07:55:03 C:\WINDOWS\system32\PSIKey.dll |28/09/2004 22:53:58 C:\WINDOWS\system32\PsisDecd.dll |20/01/2005 16:00:11 C:\WINDOWS\system32\pthreadVC.dll |09/05/2006 17:25:58 C:\WINDOWS\system32\qedwipes.dll |20/01/2005 05:25:59 C:\WINDOWS\system32\qt-mt331.dll |28/09/2004 22:54:30 C:\WINDOWS\system32\rmoc3260.dll |21/01/2005 07:55:07 C:\WINDOWS\system32\roboex32.dll |21/01/2005 08:00:30 C:\WINDOWS\system32\RTLCPAPI.dll |20/01/2005 15:21:35 C:\WINDOWS\system32\sbe.dll |20/01/2005 05:26:00 C:\WINDOWS\system32\slbcsp.dll |20/01/2005 05:26:01 C:\WINDOWS\system32\slbiop.dll |20/01/2005 05:26:01 C:\WINDOWS\system32\slbrccsp.dll |20/01/2005 05:26:01 C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll |19/01/2005 22:32:48 C:\WINDOWS\system32\SynCOM.dll |20/01/2005 15:34:57 C:\WINDOWS\system32\SynCtrl.dll |20/01/2005 15:34:57 C:\WINDOWS\system32\SynTPAPI.dll |20/01/2005 15:34:57 C:\WINDOWS\system32\SynTPCo2.dll |20/01/2005 15:34:57 C:\WINDOWS\system32\SynTPFcs.dll |20/01/2005 15:34:57 C:\WINDOWS\system32\tifmicon.dll |13/01/2004 11:46:00 C:\WINDOWS\system32\tsd32.dll |20/01/2005 05:26:05 C:\WINDOWS\system32\TwnLib20.dll |20/01/2005 18:39:46 C:\WINDOWS\system32\TwnLib4.dll |20/01/2005 18:42:29 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\vsdata.dll |05/09/2006 22:35:50 C:\WINDOWS\system32\vsinit.dll |05/09/2006 22:35:50 C:\WINDOWS\system32\vsmonapi.dll |05/09/2006 22:36:28 C:\WINDOWS\system32\vspubapi.dll |05/09/2006 22:36:28 C:\WINDOWS\system32\vsregexp.dll |05/09/2006 22:36:35 C:\WINDOWS\system32\vsutil.dll |05/09/2006 22:35:50 C:\WINDOWS\system32\vsutil_loc040c.dll |05/09/2006 22:36:38 C:\WINDOWS\system32\vswmi.dll |05/09/2006 22:36:29 C:\WINDOWS\system32\vsxml.dll |05/09/2006 22:36:29 C:\WINDOWS\system32\W29MLRES.dll |20/01/2005 15:58:13 C:\WINDOWS\system32\w29NCPA.dll |17/01/2005 17:37:46 C:\WINDOWS\system32\WanPacket.dll |09/05/2006 16:57:28 C:\WINDOWS\system32\wbtapi.dll |29/11/2004 19:39:04 C:\WINDOWS\system32\WidcommSdk.dll |29/11/2004 19:39:48 C:\WINDOWS\system32\win87em.dll |20/01/2005 05:26:06 C:\WINDOWS\system32\WMP9PlugIn.dll |20/01/2005 21:43:16 C:\WINDOWS\system32\wpcap.dll |09/05/2006 17:24:50 C:\WINDOWS\system32\zlcomm.dll |05/09/2006 22:36:34 C:\WINDOWS\system32\zlcommdb.dll |05/09/2006 22:36:34 Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\WINDOWS\system32 05/08/2004 13:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 13 884 538 880 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\WINDOWS\Downloaded Program Files 08/03/2007 02:01 <REP> . 08/03/2007 02:01 <REP> .. 19/01/2005 21:37 65 desktop.ini 08/09/2004 22:38 1 271 erma.inf 22/11/2006 23:22 372 736 GAME_UNO1.dll 22/11/2006 20:50 316 GAME_UNO1.INF 16/06/2006 15:08 1 529 592 ICSScan.dll 16/06/2006 13:03 470 ICSScanner.inf 08/08/2006 11:45 576 kavwebscan.inf 29/05/2003 15:00 160 864 messengerstatsclient.dll 29/05/2003 15:00 84 064 minesweeper.dll 29/05/2003 15:00 77 408 msgrchkr.dll 22/08/2003 21:10 226 opuc.inf 08/12/2003 13:58 3 759 swflash.inf 03/08/2004 14:51 293 wuweb.inf 13 fichier(s) 2 231 640 octets Total des fichiers listés : 13 fichier(s) 2 231 640 octets 2 Rép(s) 13 884 534 784 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Liste des programmes installes a-squared Free 2.0 Ad-Aware SE Personal Adobe Flash Player 9 ActiveX Adobe Photoshop 6.0 Adobe Reader 7.0.9 - Français Adobe SVG Viewer AOL (France) AOL Auto-diagnostic AOL Coach Version 1.0(Build:20040229.1 fr) AOL Toolbar ATI - Utilitaire de désinstallation du logiciel ATI Control Panel ATI Display Driver AutoUpdate avast! Antivirus AVManager V1.1.1.2 Barre d'outils Outlook de Windows Live (Windows Live Toolbar) BELKIN F5U109 V1.25 Bloqueur de fenêtres pop-up (Windows Live Toolbar) Broadcom 440x 10/100 Integrated Controller Broadcom 440x 10/100 Integrated Controller CCleaner (remove only) CD-DTU V22.140.1.19 Complément Microsoft Word pour Microsoft Works Suite Correctif pour Windows XP (KB914440) Correctif Windows XP - KB834707 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB887797 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Correctif Windows XP - KB893086 Creatix 2.0 AC'97 Modem DivX Player DivX Pro Documentation Opérationnelle - Nomade Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) DVD Decrypter (Remove Only) DVD Shrink 3.2 Ecran de veille AOL Photos eMule Encyclopédie Microsoft Encarta 2005 EPSON SMART PANEL for Scanner EPSON TWAIN 5 Ernst Französisch 11.2002 Extension de Windows Live Toolbar (Windows Live Toolbar) Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP FileZilla (remove only) Free - Kit de connexion FreeGo 3 GAEA 1.2 - Demo Gif Movie Gear v3 Google Toolbar for Internet Explorer HijackThis 1.99.1 Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) Informations sur votre PC J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 K!TV Kaspersky On-line Scanner Kaspersky Online Scanner Language pack for Ad-Aware SE Launch Manager V1.2.9 Learn2 Player (Uninstall Only) Lecteur Windows Media 11 Lexibook SyncMan Macromedia Shockwave Player MediaShow 3.0 Menus intelligents (Windows Live Toolbar) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft AutoRoute 2005 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Digital Image Library 9 - Blocker Microsoft Flight Simulator 2004 Un siècle d'aviation Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Microsoft Photo Premium 10 Microsoft Photo Premium 10 Microsoft Picture It! Album 10 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Works Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB931836) Mise à niveau de Works Mise à niveau du système 1.2.350.0 Module de connectivité AOL Mozilla Firefox (1.5.0.10) MSXML 4.0 SP2 (KB927978) Musicmatch® Jukebox Nero Suite Nvu 1.0 OneCare Advisor (Windows Live Toolbar) PC-Bibliothek PDFCreator PhotoNow! 1.0 PowerCinema 4.0 PowerDirector PowerDVD PowerProducer Pro Evolution Soccer 4 Pro Evolution Soccer 4 QuickTime RealPlayer Realtek AC'97 Audio Shockwave SPEED-LINK DUAL SHOCK ADAPTER Sélecteur d'installation de Microsoft Works 2005 Synaptics Pointing Device Driver Texas Instruments PCIxx21/x515 drivers. TIxx21/x515 Total Annihilation - Contre-Attaque TrackMania Nations ESWC - Update 2 Utilitaire de sauvegarde Windows videon Viewpoint Media Player Visionneuse Journal Windows Microsoft WebFldrs XP WIDCOMM Bluetooth Software Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Favorites pour Windows Live Toolbar Windows Live Messenger Windows Live Toolbar Windows Live Toolbar Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 WinPcap 4.0 alpha1 World Community Grid Agent X10 Hardware ZoneAlarm Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\Program Files 07/03/2007 19:45 <REP> . 07/03/2007 19:45 <REP> .. 05/10/2006 22:13 <REP> Adobe 20/01/2005 18:42 <REP> Ahead 22/02/2006 09:00 <REP> Alwil Software 08/09/2006 23:32 <REP> AOL 9.0 21/01/2005 08:01 <REP> AOL Compagnon 15/11/2005 01:39 <REP> AOL Toolbar 06/03/2007 21:17 <REP> a-squared Free 20/01/2005 15:15 <REP> ATI Technologies 10/03/2006 19:17 <REP> BELKIN 19/01/2005 21:47 <REP> Broadcom 19/09/2005 21:05 <REP> CAVEDOG 07/03/2007 19:45 <REP> CCleaner 20/01/2005 16:01 <REP> Common Files 19/01/2005 21:37 <REP> ComPlus Applications 19/08/2006 21:58 <REP> CSTB 07/11/2005 22:59 <REP> Cyanide 03/06/2005 15:24 <REP> CyberLink 20/01/2005 21:55 <REP> DivX 30/08/2006 18:29 <REP> Documentation Operationnelle 08/03/2005 23:57 <REP> DVD Decrypter 17/08/2006 19:53 <REP> DVD Shrink 06/03/2007 22:34 <REP> eMule 20/01/2005 17:16 <REP> Encarta 08/09/2005 18:58 <REP> EPSON 11/10/2006 22:23 <REP> Fichiers communs 28/12/2006 23:38 <REP> FileZilla 23/02/2007 07:54 <REP> Free.fr 04/03/2007 18:57 <REP> FreeGo 02/06/2006 17:21 <REP> GAEA 22/09/2005 23:13 <REP> Google 20/01/2005 16:11 <REP> HighMAT CD Writing Wizard 04/06/2005 08:57 <REP> Home Cinema 20/06/2006 23:22 <REP> HP 15/07/2006 20:02 89 806 INSTALL.LOG 19/01/2005 21:44 <REP> Intel 17/02/2007 10:37 <REP> Internet Explorer 07/12/2005 20:31 <REP> Java 19/07/2006 17:03 <REP> K!TV 19/09/2005 12:19 <REP> KONAMI 14/08/2006 17:37 <REP> Launch Manager 08/05/2006 09:30 <REP> Lavasoft 21/01/2005 08:01 <REP> Learn2.com 11/10/2006 22:24 <REP> Lexibook 20/09/2005 15:11 <REP> Manager2005 05/07/2005 18:21 <REP> Messenger 20/01/2005 17:19 <REP> Microsoft AutoRoute 19/01/2005 21:39 <REP> microsoft frontpage 20/01/2005 17:37 <REP> Microsoft Games 14/11/2005 22:40 <REP> Microsoft Money 2005 05/03/2005 13:22 <REP> Microsoft Office 05/03/2005 13:22 <REP> Microsoft Visual Studio 20/01/2005 17:07 <REP> Microsoft Works 20/01/2005 17:01 <REP> Microsoft Works Suite 2005 05/03/2005 13:22 <REP> Microsoft.NET 19/01/2005 21:37 <REP> Movie Maker 08/03/2007 22:50 <REP> Mozilla Firefox 19/01/2005 21:36 <REP> MSN 19/01/2005 21:36 <REP> MSN Gaming Zone 24/02/2007 10:53 <REP> MSN Messenger 15/11/2006 00:15 <REP> MSXML 4.0 20/01/2005 19:35 <REP> Musicmatch 20/01/2005 18:58 <REP> muvee Technologies 19/01/2005 21:37 <REP> NetMeeting 28/12/2006 23:27 <REP> Nvu 20/01/2005 19:15 <REP> OfficeUpdate11 19/01/2005 21:36 <REP> Online Services 14/12/2006 00:16 <REP> Outlook Express 20/05/2006 09:14 <REP> PDFCreator 20/01/2005 17:15 <REP> Picture It! Premium 10 21/01/2005 08:01 <REP> QuickTime 21/01/2005 07:55 <REP> Real 19/01/2005 21:37 <REP> Services en ligne 20/01/2005 15:34 <REP> Synaptics 21/01/2005 07:59 <REP> TechCity Solutions 22/02/2007 00:03 <REP> TrackMania Nations ESWC 08/09/2005 18:33 <REP> TwainV5-5 27/03/2005 20:20 <REP> UNILEX 19/08/2006 21:59 2 227 unins000.dat 19/08/2006 21:59 643 129 unins000.exe 02/04/2005 20:31 <REP> VID_0E8F&PID_0003 21/01/2005 08:01 <REP> Viewpoint 20/04/2006 21:20 <REP> Visicom Media 20/01/2005 15:26 <REP> WIDCOMM 19/01/2005 21:56 <REP> Windows Journal Viewer 19/12/2006 01:36 <REP> Windows Live Favorites 19/12/2006 01:36 <REP> Windows Live Toolbar 06/01/2007 23:53 <REP> Windows Media Connect 06/01/2007 23:56 <REP> Windows Media Connect 2 06/01/2007 23:56 <REP> Windows Media Player 19/01/2005 21:36 <REP> Windows NT 04/03/2007 18:57 <REP> WinPcap 20/01/2005 21:43 <REP> Wistron 08/03/2007 22:48 <REP> WorldCommunityGrid 04/06/2005 09:20 <REP> X10 Hardware 19/01/2005 21:39 <REP> xerox 05/09/2006 22:36 <REP> Zone Labs 3 fichier(s) 735 162 octets 95 Rép(s) 13 884 563 456 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\Program Files\fichiers communs 11/10/2006 22:23 <REP> . 11/10/2006 22:23 <REP> .. 21/09/2005 18:31 <REP> Adobe 20/01/2005 18:42 <REP> Ahead 05/07/2005 20:44 <REP> AOL 24/03/2005 19:26 <REP> aolshare 05/03/2005 13:22 <REP> DESIGNER 14/06/2006 21:00 <REP> Hewlett-Packard 20/01/2005 18:54 <REP> InstallShield 20/01/2005 21:59 <REP> Java 17/02/2007 10:36 <REP> Microsoft Shared 19/01/2005 21:37 <REP> MSSoap 20/01/2005 18:58 <REP> muvee Technologies 21/01/2005 08:00 <REP> Nullsoft 19/01/2005 22:32 <REP> ODBC 21/01/2005 07:55 <REP> Real 19/01/2005 21:37 <REP> Services 19/01/2005 22:32 <REP> SpeechEngines 14/12/2006 00:16 <REP> System 11/10/2006 22:23 <REP> Wise Installation Wizard 21/01/2005 07:55 <REP> xing shared 0 fichier(s) 0 octets 21 Rép(s) 13 884 563 456 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 05/03/2005 13:22 <REP> . 05/03/2005 13:22 <REP> .. 05/03/2005 13:22 <REP> 1033 05/03/2005 13:22 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 13 884 563 456 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\Program Files\common files 20/01/2005 16:01 <REP> . 20/01/2005 16:01 <REP> .. 20/01/2005 16:01 <REP> X10 0 fichier(s) 0 octets 3 Rép(s) 13 884 559 360 octets libres Le volume dans le lecteur C s'appelle BOOT Le numéro de série du volume est 84E0-49AC Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 13 884 559 360 octets libres c:\Documents and Settings\Chris R\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\Chris R\Application Data\Microsoft\Installer\{3CEA3FEC-1AF5-4818-89D5-406F627E7337}\IconF5FF112D.exe c:\Documents and Settings\Chris R\Bureau\gaea_setup.exe c:\Documents and Settings\Chris R\Bureau\zlsSetup_65_725_000_fr.exe c:\Documents and Settings\Chris R\Bureau\BXCRPRO3\BXCRPRO.EXE c:\Documents and Settings\Chris R\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Chris R\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Chris R\Bureau\Kitbar_v4.2\Kitbar4$.exe c:\Documents and Settings\Chris R\Mes documents\GCE 2\agsetup.exe c:\Documents and Settings\Chris R\Mes documents\GCE 5 Costic\Diag _énerg\BXCRPRO3\BXCRPRO.EXE c:\Documents and Settings\Chris R\Mes documents\PFE\Logiciels-tableurs\wkmlt.exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4P2B0LMN\iv_nt86[2].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GHIJK9YZ\fv_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\O1WHITK3\fi_nt86[1].exe c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\O1WHITK3\ii_nt86[1].exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Chris R\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Chris R\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\Chris R\Application Data\Mozilla\Firefox\Profiles\x4xqo4ln.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll Que faire ensuite? Merci
  14. chris67380
    Ok je ferais ca ce soir, je suis au boulot la journée! Merci
  15. chris67380
    Voici mon nouveau log HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 01:31:32, on 08/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Wistron\AVManager\AVManager.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\WorldCommunityGrid\UD.EXE C:\Program Files\WorldCommunityGrid\ud_11796683.exe C:\Program Files\WorldCommunityGrid\ud_11796683_0.dir\wcgridHCMD.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Chris R\Bureau\Kitbar_v4.2\Kitbar4$.exe C:\HijackThis\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AVManager] "C:\Program Files\Wistron\AVManager\AVManager.exe" O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: World Community Grid Agent.lnk = C:\Program Files\WorldCommunityGrid\UD.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106233521554 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37880.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Y-a-t-il encore autre chose a faire? ! Merci encore !
  16. chris67380
    Clean Navipromo version 1.0.5 commencé le 08/03/2007 à 0:10:42,24 Fix lancé depuis C:\Documents and Settings\Chris R\Bureau Mise a jour le 03.03.2007 a 23h00 by IL-MAFIOSO Executé en mode sans echec Mode suppression par méthode manuelle Nom du fichier saisi : kupblqthga *** Recherche, Creation backups et suppression *** C:\WINDOWS\system32\kupblqthga_navup.dat absent ! C:\WINDOWS\system32\kupblqthga_navtmp.dat absent ! C:\WINDOWS\system32\kupblqthga_m2s.xml absent ! C:\WINDOWS\system32\kupblqthga.exe trouvé ! Copie C:\WINDOWS\system32\kupblqthga.exe réalisé avec succès ! C:\WINDOWS\system32\kupblqthga.exe supprimé ! C:\WINDOWS\system32\kupblqthga.dat trouvé ! Copie C:\WINDOWS\system32\kupblqthga.dat réalisé avec succès ! C:\WINDOWS\system32\kupblqthga.dat supprimé ! C:\WINDOWS\system32\kupblqthga_nav.dat trouvé ! Copie C:\WINDOWS\system32\kupblqthga_nav.dat réalisé avec succès ! C:\WINDOWS\system32\kupblqthga_nav.dat supprimé ! C:\WINDOWS\system32\kupblqthga_navps.dat trouvé ! Copie C:\WINDOWS\system32\kupblqthga_navps.dat réalisé avec succès ! C:\WINDOWS\system32\kupblqthga_navps.dat supprimé ! C:\WINDOWS\prefetch\kupblqthga*.pf trouvé ! Copie C:\WINDOWS\prefetch\kupblqthga*.pf réalisé avec succès ! C:\WINDOWS\prefetch\kupblqthga*.pf supprimé ! *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans C:\Documents and Settings\Chris R\Application Data *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Chris R\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre réalisée avec succès ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** 1)Recherche/Suppressions nouveaux fichiers connus: 2)Recherche Heuristique (Fichiers à supprimer si nécéssaire): * ** *** **** *** Nettoyage termine le 08/03/2007 à 0:12:02,07 *** Merci en tout cas, ca semble être bon !
  17. chris67380
    03/07/07 22:38:05 [info]: BlackLight Engine 1.0.55 initialized 03/07/07 22:38:05 [info]: OS: 5.1 build 2600 (Service Pack 2) 03/07/07 22:38:05 [Note]: 7019 4 03/07/07 22:38:05 [Note]: 7005 0 03/07/07 22:38:14 [Note]: 7006 0 03/07/07 22:38:14 [Note]: 7011 1480 03/07/07 22:38:14 [Note]: 7026 0 03/07/07 22:38:14 [Note]: 7026 0 03/07/07 22:38:15 [Note]: 7024 3 03/07/07 22:38:15 [info]: Hidden process: C:\windows\system32\kupblqthga.exe 03/07/07 22:38:28 [Note]: FSRAW library version 1.7.1021 03/07/07 22:45:19 [Note]: 4020 11708 65536 03/07/07 22:45:19 [Note]: 4018 11708 65536 03/07/07 22:45:30 [Note]: 4020 11708 65536 03/07/07 22:45:30 [Note]: 4018 11708 65536 03/07/07 22:45:41 [Note]: 4020 11708 65536 03/07/07 22:45:41 [Note]: 4018 11708 65536 03/07/07 22:45:52 [Note]: 4020 11708 65536 03/07/07 22:45:52 [Note]: 4018 11708 65536 03/07/07 22:46:02 [Note]: 4020 11708 65536 03/07/07 22:46:02 [Note]: 4018 11708 65536 03/07/07 22:46:13 [Note]: 4020 11708 65536 03/07/07 22:46:13 [Note]: 4018 11708 65536 03/07/07 22:46:24 [Note]: 4020 11708 65536 03/07/07 22:46:24 [Note]: 4018 11708 65536 03/07/07 22:46:37 [Note]: 4020 11708 65536 03/07/07 22:46:37 [Note]: 4018 11708 65536 03/07/07 22:46:52 [Note]: 4020 11708 65536 03/07/07 22:46:52 [Note]: 4018 11708 65536 03/07/07 22:47:04 [Note]: 4020 11708 65536 03/07/07 22:47:04 [Note]: 4018 11708 65536 03/07/07 22:47:13 [Note]: 4020 11708 65536 03/07/07 22:47:13 [Note]: 4018 11708 65536 03/07/07 22:47:22 [Note]: 4020 11708 65536 03/07/07 22:47:22 [Note]: 4018 11708 65536 03/07/07 22:47:31 [Note]: 4020 11708 65536 03/07/07 22:47:31 [Note]: 4018 11708 65536 03/07/07 22:47:43 [Note]: 4020 11708 65536 03/07/07 22:47:43 [Note]: 4018 11708 65536 03/07/07 22:47:53 [Note]: 4020 11708 65536 03/07/07 22:47:53 [Note]: 4018 11708 65536 03/07/07 22:48:03 [Note]: 4020 11708 65536 03/07/07 22:48:03 [Note]: 4018 11708 65536 03/07/07 22:48:12 [Note]: 4020 11708 65536 03/07/07 22:48:12 [Note]: 4018 11708 65536 03/07/07 22:48:22 [Note]: 4020 11708 65536 03/07/07 22:48:22 [Note]: 4018 11708 65536 03/07/07 22:48:36 [Note]: 4020 11708 65536 03/07/07 22:48:36 [Note]: 4018 11708 65536 03/07/07 22:48:46 [Note]: 4020 11708 65536 03/07/07 22:48:46 [Note]: 4018 11708 65536 03/07/07 22:48:55 [Note]: 4020 11708 65536 03/07/07 22:48:55 [Note]: 4018 11708 65536 03/07/07 22:49:05 [Note]: 4020 11708 65536 03/07/07 22:49:05 [Note]: 4018 11708 65536 03/07/07 22:49:16 [Note]: 4020 11708 65536 03/07/07 22:49:16 [Note]: 4018 11708 65536 03/07/07 22:49:25 [Note]: 4020 11708 65536 03/07/07 22:49:25 [Note]: 4018 11708 65536 03/07/07 22:49:35 [Note]: 4020 11708 65536 03/07/07 22:49:35 [Note]: 4018 11708 65536 03/07/07 22:49:47 [Note]: 4020 11708 65536 03/07/07 22:49:47 [Note]: 4018 11708 65536 03/07/07 22:49:56 [Note]: 4020 11708 65536 03/07/07 22:49:56 [Note]: 4018 11708 65536 03/07/07 22:50:06 [Note]: 4020 11708 65536 03/07/07 22:50:06 [Note]: 4018 11708 65536 03/07/07 22:50:17 [Note]: 4020 11708 65536 03/07/07 22:50:17 [Note]: 4018 11708 65536 03/07/07 22:50:30 [Note]: 4020 11708 65536 03/07/07 22:50:30 [Note]: 4018 11708 65536 03/07/07 22:50:40 [Note]: 4020 11708 65536 03/07/07 22:50:40 [Note]: 4018 11708 65536 03/07/07 22:50:49 [Note]: 4020 11708 65536 03/07/07 22:50:49 [Note]: 4018 11708 65536 03/07/07 22:51:02 [Note]: 4020 11708 65536 03/07/07 22:51:02 [Note]: 4018 11708 65536 03/07/07 22:51:16 [Note]: 4020 11708 65536 03/07/07 22:51:16 [Note]: 4018 11708 65536 03/07/07 22:51:35 [Note]: 4020 11708 65536 03/07/07 22:51:35 [Note]: 4018 11708 65536 03/07/07 22:51:47 [Note]: 4020 11708 65536 03/07/07 22:51:47 [Note]: 4018 11708 65536 03/07/07 22:51:55 [Note]: 4020 11708 65536 03/07/07 22:51:55 [Note]: 4018 11708 65536 03/07/07 22:52:05 [Note]: 4020 11708 65536 03/07/07 22:52:05 [Note]: 4018 11708 65536 03/07/07 22:52:14 [Note]: 4020 11708 65536 03/07/07 22:52:14 [Note]: 4018 11708 65536 03/07/07 22:52:23 [Note]: 4020 11708 65536 03/07/07 22:52:23 [Note]: 4018 11708 65536 03/07/07 22:52:33 [Note]: 4020 11708 65536 03/07/07 22:52:33 [Note]: 4018 11708 65536 03/07/07 22:52:43 [Note]: 4020 11708 65536 03/07/07 22:52:43 [Note]: 4018 11708 65536 03/07/07 22:52:54 [Note]: 4020 11708 65536 03/07/07 22:52:54 [Note]: 4018 11708 65536 03/07/07 22:53:11 [Note]: 4020 11708 65536 03/07/07 22:53:11 [Note]: 4018 11708 65536 03/07/07 22:53:20 [Note]: 4020 11708 65536 03/07/07 22:53:20 [Note]: 4018 11708 65536 03/07/07 22:53:31 [Note]: 4020 11708 65536 03/07/07 22:53:31 [Note]: 4018 11708 65536 03/07/07 22:53:41 [Note]: 4020 11708 65536 03/07/07 22:53:41 [Note]: 4018 11708 65536 03/07/07 22:53:52 [Note]: 4020 11708 65536 03/07/07 22:53:52 [Note]: 4018 11708 65536 03/07/07 22:54:05 [Note]: 4020 11708 65536 03/07/07 22:54:05 [Note]: 4018 11708 65536 03/07/07 22:54:14 [Note]: 4020 11708 65536 03/07/07 22:54:14 [Note]: 4018 11708 65536 03/07/07 22:54:29 [Note]: 4020 11708 65536 03/07/07 22:54:29 [Note]: 4018 11708 65536 03/07/07 22:54:39 [Note]: 4020 11708 65536 03/07/07 22:54:39 [Note]: 4018 11708 65536 03/07/07 22:54:48 [Note]: 4020 11708 65536 03/07/07 22:54:48 [Note]: 4018 11708 65536 03/07/07 22:54:56 [Note]: 4020 11708 65536 03/07/07 22:54:56 [Note]: 4018 11708 65536 03/07/07 22:55:07 [Note]: 4020 11708 65536 03/07/07 22:55:07 [Note]: 4018 11708 65536 03/07/07 22:55:17 [Note]: 4020 11708 65536 03/07/07 22:55:17 [Note]: 4018 11708 65536 03/07/07 22:55:27 [Note]: 4020 11708 65536 03/07/07 22:55:27 [Note]: 4018 11708 65536 03/07/07 22:55:37 [Note]: 4020 11708 65536 03/07/07 22:55:37 [Note]: 4018 11708 65536 03/07/07 22:55:46 [Note]: 4020 11708 65536 03/07/07 22:55:46 [Note]: 4018 11708 65536 03/07/07 22:55:56 [Note]: 4020 11708 65536 03/07/07 22:55:56 [Note]: 4018 11708 65536 03/07/07 22:56:07 [Note]: 4020 11708 65536 03/07/07 22:56:07 [Note]: 4018 11708 65536 03/07/07 22:56:17 [Note]: 4020 11708 65536 03/07/07 22:56:17 [Note]: 4018 11708 65536 03/07/07 22:56:26 [Note]: 4020 11708 65536 03/07/07 22:56:26 [Note]: 4018 11708 65536 03/07/07 22:56:35 [Note]: 4020 11708 65536 03/07/07 22:56:35 [Note]: 4018 11708 65536 03/07/07 22:56:46 [Note]: 4020 11708 65536 03/07/07 22:56:46 [Note]: 4018 11708 65536 03/07/07 22:56:55 [Note]: 4020 11708 65536 03/07/07 22:56:55 [Note]: 4018 11708 65536 03/07/07 22:57:07 [Note]: 4020 11708 65536 03/07/07 22:57:07 [Note]: 4018 11708 65536 03/07/07 22:57:16 [Note]: 4020 11708 65536 03/07/07 22:57:16 [Note]: 4018 11708 65536 03/07/07 22:57:26 [Note]: 4020 11708 65536 03/07/07 22:57:26 [Note]: 4018 11708 65536 03/07/07 22:57:36 [Note]: 4020 11708 65536 03/07/07 22:57:36 [Note]: 4018 11708 65536 03/07/07 22:57:46 [Note]: 4020 11708 65536 03/07/07 22:57:46 [Note]: 4018 11708 65536 03/07/07 22:57:56 [Note]: 4020 11708 65536 03/07/07 22:57:56 [Note]: 4018 11708 65536 03/07/07 22:58:05 [Note]: 4020 11708 65536 03/07/07 22:58:05 [Note]: 4018 11708 65536 03/07/07 22:58:16 [Note]: 4020 11708 65536 03/07/07 22:58:16 [Note]: 4018 11708 65536 03/07/07 22:58:24 [Note]: 4020 11708 65536 03/07/07 22:58:24 [Note]: 4018 11708 65536 03/07/07 22:58:33 [Note]: 4020 11708 65536 03/07/07 22:58:33 [Note]: 4018 11708 65536 03/07/07 22:58:42 [Note]: 4020 11708 65536 03/07/07 22:58:42 [Note]: 4018 11708 65536 03/07/07 22:58:52 [Note]: 4020 11708 65536 03/07/07 22:58:52 [Note]: 4018 11708 65536 03/07/07 22:59:01 [Note]: 4020 11708 65536 03/07/07 22:59:01 [Note]: 4018 11708 65536 03/07/07 22:59:11 [Note]: 4020 11708 65536 03/07/07 22:59:11 [Note]: 4018 11708 65536 03/07/07 22:59:20 [Note]: 4020 11708 65536 03/07/07 22:59:20 [Note]: 4018 11708 65536 03/07/07 22:59:29 [Note]: 4020 11708 65536 03/07/07 22:59:29 [Note]: 4018 11708 65536 03/07/07 22:59:38 [Note]: 4020 11708 65536 03/07/07 22:59:38 [Note]: 4018 11708 65536 03/07/07 22:59:49 [Note]: 4020 11708 65536 03/07/07 22:59:49 [Note]: 4018 11708 65536 03/07/07 22:59:59 [Note]: 4020 11708 65536 03/07/07 22:59:59 [Note]: 4018 11708 65536 03/07/07 23:00:08 [Note]: 4020 11708 65536 03/07/07 23:00:08 [Note]: 4018 11708 65536 03/07/07 23:00:17 [Note]: 4020 11708 65536 03/07/07 23:00:17 [Note]: 4018 11708 65536 03/07/07 23:00:25 [Note]: 4020 11708 65536 03/07/07 23:00:25 [Note]: 4018 11708 65536 03/07/07 23:00:33 [Note]: 4020 11726 65536 03/07/07 23:00:33 [Note]: 4018 11726 65536 03/07/07 23:00:41 [Note]: 4020 11708 65536 03/07/07 23:00:41 [Note]: 4018 11708 65536 03/07/07 23:00:49 [Note]: 4020 11708 65536 03/07/07 23:00:49 [Note]: 4018 11708 65536 03/07/07 23:00:57 [Note]: 4020 11708 65536 03/07/07 23:00:57 [Note]: 4018 11708 65536 03/07/07 23:01:04 [Note]: 4020 11708 65536 03/07/07 23:01:04 [Note]: 4018 11708 65536 03/07/07 23:01:14 [Note]: 4020 11708 65536 03/07/07 23:01:14 [Note]: 4018 11708 65536 03/07/07 23:01:24 [Note]: 4020 11708 65536 03/07/07 23:01:24 [Note]: 4018 11708 65536 03/07/07 23:01:35 [Note]: 4020 11708 65536 03/07/07 23:01:35 [Note]: 4018 11708 65536 03/07/07 23:01:45 [Note]: 4020 11708 65536 03/07/07 23:01:45 [Note]: 4018 11708 65536 03/07/07 23:01:56 [Note]: 4020 11708 65536 03/07/07 23:01:56 [Note]: 4018 11708 65536 03/07/07 23:02:07 [Note]: 4020 11708 65536 03/07/07 23:02:07 [Note]: 4018 11708 65536 03/07/07 23:02:24 [Note]: 4020 11708 65536 03/07/07 23:02:24 [Note]: 4018 11708 65536 03/07/07 23:02:35 [Note]: 4020 11708 65536 03/07/07 23:02:35 [Note]: 4018 11708 65536 03/07/07 23:02:47 [Note]: 4020 11708 65536 03/07/07 23:02:47 [Note]: 4018 11708 65536 03/07/07 23:02:57 [Note]: 4020 11708 65536 03/07/07 23:02:57 [Note]: 4018 11708 65536 03/07/07 23:03:08 [info]: Hidden file: c:\WINDOWS\system32\kupblqthga.dat 03/07/07 23:03:08 [Note]: 10002 1 03/07/07 23:03:08 [info]: Hidden file: C:\windows\system32\kupblqthga.exe 03/07/07 23:03:08 [Note]: 10002 1 03/07/07 23:03:09 [info]: Hidden file: c:\WINDOWS\system32\kupblqthga_nav.dat 03/07/07 23:03:09 [Note]: 10002 1 03/07/07 23:03:09 [info]: Hidden file: c:\WINDOWS\system32\kupblqthga_navps.dat 03/07/07 23:03:09 [Note]: 10002 1 03/07/07 23:03:17 [Note]: 4020 11708 65536 03/07/07 23:03:17 [Note]: 4018 11708 65536 03/07/07 23:03:35 [Note]: 4020 11708 65536 03/07/07 23:03:35 [Note]: 4018 11708 65536 03/07/07 23:03:52 [Note]: 4020 11708 65536 03/07/07 23:03:52 [Note]: 4018 11708 65536 03/07/07 23:04:09 [Note]: 4020 11708 65536 03/07/07 23:04:09 [Note]: 4018 11708 65536 03/07/07 23:04:23 [Note]: 4020 11708 65536 03/07/07 23:04:23 [Note]: 4018 11708 65536 03/07/07 23:04:41 [Note]: 4020 11708 65536 03/07/07 23:04:41 [Note]: 4018 11708 65536 03/07/07 23:05:00 [Note]: 4020 11708 65536 03/07/07 23:05:00 [Note]: 4018 11708 65536 03/07/07 23:05:16 [Note]: 4020 11708 65536 03/07/07 23:05:16 [Note]: 4018 11708 65536 03/07/07 23:05:32 [Note]: 4020 11708 65536 03/07/07 23:05:32 [Note]: 4018 11708 65536 03/07/07 23:05:50 [Note]: 4020 11708 65536 03/07/07 23:05:50 [Note]: 4018 11708 65536 03/07/07 23:06:04 [Note]: 4020 11708 65536 03/07/07 23:06:04 [Note]: 4018 11708 65536 03/07/07 23:06:15 [Note]: 4020 11708 65536 03/07/07 23:06:15 [Note]: 4018 11708 65536 03/07/07 23:06:35 [Note]: 4020 11708 65536 03/07/07 23:06:35 [Note]: 4018 11708 65536 03/07/07 23:06:45 [Note]: 4020 11708 65536 03/07/07 23:06:45 [Note]: 4018 11708 65536 03/07/07 23:06:57 [Note]: 4020 11708 65536 03/07/07 23:06:57 [Note]: 4018 11708 65536 03/07/07 23:07:08 [Note]: 4020 11708 65536 03/07/07 23:07:08 [Note]: 4018 11708 65536 03/07/07 23:07:19 [Note]: 4020 11708 65536 03/07/07 23:07:19 [Note]: 4018 11708 65536 03/07/07 23:07:35 [Note]: 4020 11708 65536 03/07/07 23:07:35 [Note]: 4018 11708 65536 03/07/07 23:07:52 [Note]: 4020 11708 65536 03/07/07 23:07:52 [Note]: 4018 11708 65536 03/07/07 23:08:10 [Note]: 4020 11708 65536 03/07/07 23:08:10 [Note]: 4018 11708 65536 03/07/07 23:08:29 [Note]: 4020 11708 65536 03/07/07 23:08:29 [Note]: 4018 11708 65536 03/07/07 23:08:46 [Note]: 4020 11708 65536 03/07/07 23:08:46 [Note]: 4018 11708 65536 03/07/07 23:08:55 [Note]: 4020 11708 65536 03/07/07 23:08:55 [Note]: 4018 11708 65536 03/07/07 23:09:45 [Note]: 7007 0 L'application détectée a plusieurs fois tenté de se connecter a internet mais je lui refusais l'accès grace a Zone alarm... Merci de me dire pour la suite ! Chris
  18. chris67380
    Scan en cours, je te tiens au courant ! En tout cas merci pour votre aide !
  19. chris67380
    Bonjour, j'ai déjà passé a², ccleaner, adaware, avast mais rien n'y change j'ai des pubs intempestives et des applications bizarres dans zone alarm ! Logfile of HijackThis v1.99.1 Scan saved at 20:18:51, on 07/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Wistron\AVManager\AVManager.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\WorldCommunityGrid\UD.EXE C:\Program Files\WorldCommunityGrid\ud_11796683.exe C:\Program Files\WorldCommunityGrid\ud_11796683_0.dir\wcgridHCMD.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AVManager] "C:\Program Files\Wistron\AVManager\AVManager.exe" O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: World Community Grid Agent.lnk = C:\Program Files\WorldCommunityGrid\UD.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 6233521554 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/p [...] r37880.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe Si quelq'un pouvait m'aider ! Merci d'avance ! Chris
×
×
  • Créer...