titi321


  1. and I forgot the ComboFix report:

     Thanks a lot!!
  2. Thanks a lot! Here is the VundoFix report:

     VundoFix V6.7.7
     Checking Java version...
     Sun Java not detected
     Scan started at 19:44:41 09/01/2008
     Listing files found while scanning....
     No infected files were found.

     VundoFix V6.7.7
     Checking Java version...
     Sun Java not detected
     Scan started at 20:08:58 13/01/2008
     Listing files found while scanning....

     VundoFix V6.7.7
     Checking Java version...
     Sun Java not detected
     Scan started at 23:07:33 13/01/2008
     Listing files found while scanning....
     C:\windows\system32\awvtu.dll
     Beginning removal...
     Attempting to delete C:\windows\system32\awvtu.dll
     C:\windows\system32\awvtu.dll Has been deleted!
     Performing Repairs to the registry.
     Done!

     VundoFix V6.7.7
     Checking Java version...
     Sun Java not detected
     Scan started at 17:28:19 14/01/2008
     Listing files found while scanning....
     No infected files were found.
     Beginning removal...

     and the Hijack report:

     Thanks a lot for your help!! You're saving my life...
  3. Hello everyone, I too am an innocent victim of this damned virus... Could someone help me? Thanks very much in advance, here is the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:14, on 14/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O2 - BHO: {b23e9ed3-aa05-62e8-c4d4-1bf058b5dc91} - {19cd5b85-0fb1-4d4c-8e26-50aa3de9e32b} - (no file)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {561D535C-43C9-46A2-8831-2CED465E3E9B} - (no file)
O2 - BHO: (no name) - {8559C4FF-9E98-4E09-A4F9-A9B425642EE0} - C:\WINDOWS\system32\ddaba.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FB9D6781-63D7-4779-B9A6-2A82B0EDCE85} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\system32\qqnucxoi.dll",sitypnow
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O20 - Winlogon Notify: awtqq - C:\WINDOWS\system32\awtqq.dll (file missing)
O20 - Winlogon Notify: jkkklll - jkkklll.dll (file missing)
O20 - Winlogon Notify: mllmk - C:\WINDOWS\system32\mllmk.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 6891 bytes

Trojan horse: win32 TratBho...