

caretdav
Everything posted by caretdav
infection - google redirection
caretdav replied to a topic by caretdav in Analyses et éradication malwares
but LSD is installed on a valid XP Pro! thanks for the link, I'll see what I can do ++
infection - google redirection
caretdav replied to a topic by caretdav in Analyses et éradication malwares
yes, an old copy I've been dragging around for years... but I think I've already asked this forum for help before and it wasn't a problem... is it really that bad?
infection - google redirection
caretdav replied to a topic by caretdav in Analyses et éradication malwares
here it is

ComboFix 08-12-16.03 - CARETDAV 2008-12-17 18:57:02.2 - NTFSx86
Lancé depuis: c:\documents and settings\CARETDAV\Bureau\plop.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\ntnet.drv
c:\windows\system32\sysaudio.sys
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-17 au 2008-12-17 ))))))))))))))))))))))))))))))))))))
.
2008-12-17 12:39 . 2008-12-17 12:39 <REP> d-------- c:\windows\system32\fr-fr
2008-12-17 12:38 . 2008-12-17 12:39 1,393 --a------ c:\windows\imsins.BAK
2008-12-17 00:34 . 2008-12-17 00:35 <REP> d-------- c:\windows\AU_Temp
2008-12-17 00:34 . 2008-12-17 00:34 21,463,593 --a------ c:\windows\VPTNFILE.713
2008-12-17 00:34 . 2008-12-17 00:34 21,463,593 --a------ c:\windows\LPT$VPN.713
2008-12-17 00:32 . 2008-12-17 00:32 <REP> d-------- c:\windows\system32\Kaspersky Lab
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-12 342336]
"LClock"="lclock.exe" [2004-12-08 c:\windows\LClock.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 c:\windows\SOUNDMAN.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 c:\windows\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"LSD_III"="c:\windows\LSD\end.cmd" [2005-07-14 2310]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-19 44544]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-06-04 688128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-01-30 01:15 65536 c:\program files\Fichiers communs\Logitech\Bluetooth\LBTWlgn.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"msacm.imc"= imc32.acm
"VIDC.VP40"= vp4vfw.dll
"vidc.mpng"= c:\program files\Zweistein t@b (montage video)\0.957\686\tabdec.dll
"vidc.mvjp"= c:\program files\Zweistein t@b (montage video)\0.957\686\tabdec.dll
"vidc.444p"= c:\program files\Zweistein t@b (montage video)\0.957\686\tabdec.dll
"aux"= sysaudio.sys

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-22 19:42 116040 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 16:25 94208 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2007-08-31 20:01 1037736 c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero DriveSpeed]
--a------ 2005-10-24 23:36 602112 c:\progra~1\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16bf31b0-83f1-11dd-b427-806d6172696f}]
\Shell\AutoRun\command - H:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c5e46f7-3ce7-11dc-b277-0013d48d8831}]
\Shell\AutoRun\command - H:\LaunchU3.exe
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\CARETDAV\Application Data\Mozilla\Firefox\Profiles\x2g5djz7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\DNA\plugins\npbtdna.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJPI150_07.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NpIpx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npvlc.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-17 18:57:40
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(736) c:\windows\system32\Ati2evxx.dll c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logitech\bluetooth\LBTServ.dll c:\program files\fichiers communs\logitech\bluetooth\lbtintw.dll c:\windows\system32\BtCoreIf.dll . Heure de fin: 2008-12-17 18:58:13 ComboFix-quarantined-files.txt 2008-12-17 17:58:00 ComboFix2.txt 2008-09-17 08:55:53 ComboFix3.txt 2007-06-06 19:24:18 Avant-CF: 20 191 866 880 octets libres Après-CF: 20,197,249,024 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect 484 -
Hello, I have a problem with Google redirects to sites like bediddle.com, lesmeilleursliens.com, moxiesearch.com etc. They systematically show up among my first search results. Here is a fresh HijackThis report, thanks for your precious help! ++ david

----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:43, on 17/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\lclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\telechargements\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User '?')
O4 - HKUS\S-1-5-21-1957994488-682003330-839522115-1003\..\Run: [LClock] lclock.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

--
End of file - 7786 bytes