Dancamelonat

C'est ce que je vous ai dit, j'avais déjà tout désinstaller avant de poser la question et j'assume. Mon problème n'est pas la perte de mes favoris malgré ma déception mais le fait de ne pas pouvoir ouvrir cette application et m'en servir. Je n'aime pas du tout travailler avec internet explorer et on me l'avaii déconseillé ici comme naviguateur de tout les jours. Je vais voir ce que je peux faire en mode sans échec et vous reviens.Merci.

On m'avait suggéré d'éliminer toutes traces et réinstaller. Alors je n'ai plus rien. Je croyais avoir sauvegardeé mes marque-pages ce qui ne semble pas le cas. Je suis tellment déçu d'avoir tout perdu! J'ai tenté de réinstaller à neuf et ça ne fonctionne pas. Je reçois ce message " le point d'entrée de procédure NSS_InitializePRErrorTable est introuvable dans la bibliothèque de liaisons nssutil3.dll " Même si je tente veotre manoeuvre pour un créer un nouveau profil j'ai aussi ce message. De plus pour moi Internet Exploerre plante régulièrement. Il gèle!

Euh...il n'y plus rien à ce que je comprends? Je ne peux toujours pas exécuter Mozilla Firefox. Peut-être dois-je poster mon problème dans la section software?

voilà Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011 Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-2012-02-09-18-15-34.txt Run by Administrateur at 2012-02-09 18:15:34 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com ========== Clé(s) du Registre ========== ABSENT Key: HKLM\Software\OpenCandy SUPPRIME Key: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7ee743314c844c7f445b8b1d7617612df1fdd50f ABSENT Key: HKLM\Software\Canneverbe Limited\OpenCandy SUPPRIME Driver Key: npclsifw ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847} ABSENT Key: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847} ========== Valeur(s) du Registre ========== SUPPRIME IFC: [FEATURE_BROWSER_EMULATION] svchost.exe ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Dossier(s) ========== ABSENT C:\Documents and Settings\Administrateur\Local Settings\Application Data\OpenCandy SUPPRIME Folder: C:\Program Files\Spybot - Search & Destroy SUPPRIME Flash Cookies: 137 SUPPRIME Temporaires Windows: : 92 ========== Fichier(s) ========== ABSENT Folder/File: c:\documents and settings\administrateur\local settings\application data\opencandy SUPPRIME Flash Cookies: 55 SUPPRIME Temporaires Windows: : 987 ========== Autre ========== NON TRAITE PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...) NON TRAITE detected hooks: NON TRAITE Warning: possible MBR rootkit infection ! NON TRAITE PROCESSUS SUPERFLU DU SYSTEME NON TRAITE TOOLBAR INUTILE (Navigateur internet) ========== Récapitulatif ========== 6 : Clé(s) du Registre 3 : Valeur(s) du Registre 4 : Dossier(s) 3 : Fichier(s) 5 : Autre End of clean in 00mn 15s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 2012-02-09 18:15:34 [2012]

Je suis un peu perdue, là. Spybot n'est pas installé sur mon PC, je ne l'utilise plus depuis longtemps et l'avais désinstallé. De plus, je ne travaille pas sous Vista mais sous Windows XP. Alors je reprends où ?

Voilà pour le rapport de MBAM Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Version de la base de données: v2012.02.03.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Administrateur :: PANASONI-D546DF [administrateur] 2012-02-05 20:05:17 mbam-log-2012-02-05 (20-05-17).txt Type d'examen: Examen complet Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 314677 Temps écoulé: 2 heure(s), 50 minute(s), 24 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté) (fin)

Pour TDSSKiller Mon lien Pour AdwCleaner Mon lien et Mon lien Pour MBAM je n'ai pas pu copier le rapport car on a fermé monPC à mon inssu. Par contre j'ai vu qu'il avait trouvé une menace qu'il a traité avec succès. Je suis à refaire un nouveau scan et poste le rapport dès que terminé afin de m'assurer avec vous que tout est OK.

Voilà Mon lien

Voilà Mon lien

Bonjour, J'ai un sérieux problème de ralentissement de mon PC ces derniers temps, suite à une infection détectée par ZoneAlarm. Il semblerait que c'était un Trojan, qui semble avoir disparu... Mais bon, je n'en suis pas certaine. Je n'arrive plus à installer Mozilla Firefox, malgré désinstallation et nettoyage. Je ne sais même pas pourquoi il a cessé de fonctionner, d'ailleurs. Internet explorer est un calvaire pour moi. La pire tortue ! Plus il y a d'onglets actifs et pire c'est. Je ne sais pas s'il y a un lien entre tout ça mais une chose est sûre, quelque chose cloche et je ne sais pas si je suis toujours infectée. Merci d'avance pour votre aide.

Tout est parfait!!! Plus aucun symptôme!!! Je suis à terminer d'appliquer vos dernières recommandations. Un grand merci à vous pour votre aide et la qualité de service. Malgré le décalage horaire j'ai toujours reçu des réponses efficaces et rapides. Tellement apprécié quand on a des problèmes et qu'on veut les régler.

Désolée, pour le moment c'est le calme plat !!! depuis ce matin je regarde ce qui se passe, j'ai aussi ouvert internet explorer et tout est bon jusqu'à maintenant. Plus de symptômes. Je suis vraiment contente. Peut-on envisager crier victoire bientôt? Merci pour votre aide.

Bonjour à toi Voici le rapport ComboFix 11-05-10.02 - Administrateur 2011-05-11 7:57.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.1014.597 [GMT -4:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe FW: ZoneAlarm Extreme Security Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrateur\Local Settings\Application Data\tvwskclkxc.dat c:\documents and settings\Administrateur\Local Settings\Application Data\tvwskclkxc_nav.dat c:\documents and settings\Administrateur\Local Settings\Application Data\tvwskclkxc_navps.dat . Une copie infectée de c:\windows\system32\kernel32.dll a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\ERDNT\cache\kernel32.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-11 au 2011-05-11 )))))))))))))))))))))))))))))))))))) . . 2011-05-10 13:15 . 2011-05-10 13:15 -------- d-----w- c:\documents and settings\Administrateur\DoctorWeb 2011-05-10 00:41 . 2011-05-10 00:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky SDK 2011-05-09 12:25 . 2011-05-09 12:25 -------- d-----w- C:\_OTL 2011-05-07 19:57 . 2011-05-07 19:57 512 ----a-w- C:\PhysicalMBR.bin 2011-05-06 01:42 . 2011-05-06 01:42 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2011-05-06 01:36 . 2011-05-08 18:54 -------- d-----w- c:\program files\ZHPDiag 2011-05-06 01:07 . 2011-05-06 01:07 -------- d-----r- c:\documents and settings\LocalService\Favoris 2011-05-05 10:47 . 2011-04-14 16:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-05-05 10:47 . 2011-04-14 16:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-05-05 10:47 . 2011-04-14 16:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-05-05 10:47 . 2011-04-14 16:47 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-05-05 10:47 . 2011-04-14 16:47 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-05-05 10:47 . 2011-04-14 16:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-05-05 10:47 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-05-05 10:47 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-05-05 00:08 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-05 00:07 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-05 00:07 . 2011-05-05 03:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-05-04 02:50 . 2011-05-04 02:50 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2011-05-03 22:02 . 2011-05-03 22:02 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MailFrontier 2011-05-03 17:43 . 2010-08-29 06:53 72704 ----a-w- c:\windows\zllsputility.exe 2011-05-03 17:43 . 2009-10-12 22:15 128016 ----a-w- c:\windows\system32\drivers\kl1.sys 2011-05-03 17:41 . 2010-08-29 06:53 69120 ----a-w- c:\windows\system32\zlcomm.dll 2011-05-03 17:41 . 2010-08-29 06:53 103936 ----a-w- c:\windows\system32\zlcommdb.dll 2011-05-03 17:41 . 2011-05-03 18:40 -------- d-----w- c:\windows\system32\ZoneLabs 2011-05-03 17:41 . 2010-08-29 06:53 1238528 ----a-w- c:\windows\system32\zpeng25.dll 2011-05-03 17:41 . 2011-05-03 17:41 -------- d-----w- c:\program files\Zone Labs 2011-05-03 17:29 . 2011-05-11 12:11 -------- d-----w- c:\windows\Internet Logs 2011-05-03 17:06 . 2011-05-03 17:06 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2011-05-03 16:43 . 2011-05-03 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2011-05-03 16:43 . 2011-05-03 16:43 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TuneUp Software 2011-05-03 14:56 . 2011-05-03 14:59 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe 2011-05-03 00:09 . 2011-05-04 22:53 -------- d-----w- c:\documents and settings\All Users\Application Data\dL28603GgIgF28603 2011-05-03 00:01 . 2011-05-03 00:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes 2011-05-03 00:00 . 2011-05-03 00:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-05-02 01:17 . 2011-05-02 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft 2011-05-02 01:08 . 2011-05-02 01:24 -------- d-----w- c:\program files\SlySoft 2011-05-02 00:20 . 2011-05-02 00:20 126976 --sha-r- c:\windows\system32\iac25_32X.dll 2011-04-22 13:20 . 2011-04-22 14:07 -------- d-----w- C:\Impot 2010 2011-04-13 21:14 . 2011-04-13 21:14 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS 2011-04-13 21:01 . 2008-04-13 17:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2011-04-13 21:01 . 2008-04-13 17:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2011-04-13 20:55 . 2011-04-13 20:55 -------- d-----w- c:\program files\Fichiers communs\Hewlett-Packard 2011-04-13 20:47 . 2011-04-13 21:14 -------- d-----w- c:\program files\Hewlett-Packard . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-07 05:33 . 2007-07-03 18:43 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-04 06:36 . 2004-08-05 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-03-03 13:53 . 2004-08-05 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys 2011-02-22 23:05 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-02-22 23:05 . 2004-08-05 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-02-22 23:05 . 2004-08-05 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-02-22 11:42 . 2004-08-05 12:00 385024 ----a-w- c:\windows\system32\html.iec 2011-02-17 13:18 . 2004-08-05 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-02-17 13:18 . 2004-08-05 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys 2011-02-17 12:54 . 2008-05-05 11:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll 2011-02-15 12:56 . 2004-08-05 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll 2011-04-14 16:47 . 2011-05-05 10:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752] "WSwitch"="c:\program files\Panasonic\WSwitch\WSwitch.exe" [2007-03-20 726672] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2010-10-13 1040384] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-22 40368] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-08-29 1039360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ZAFFRegisterTrustChecker"="-s" [X] "ZAFFRegisterTrustCheckerIE"="-s" [X] . c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ hp officejet 4100 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe [2003-4-6 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] . [HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk] path=c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-01-22 05:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2008-07-10 13:47 116040 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2005-12-10 14:57 133016 ----a-w- c:\program files\DAEMON Tools\daemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gestionnaire Antidote.exe] 2007-09-24 02:55 533944 ----a-w- c:\program files\Druide\Antidote\Gestionnaire Antidote.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 15:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2010-04-17 02:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-03-29 15:29 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" "Panasonic Hotkey Manager"=c:\program files\Panasonic\Hotkey Appendix\HKEYAPP.EXE "ShwiconXP"=c:\program files\Multimedia Card Reader\ShwiconXP.exe "Persistence"=c:\windows\system32\igfxpers.exe "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" "HotKeysCmds"=c:\windows\system32\hkcmd.exe "USBDetector"=c:\usbstorage\USBDetector.exe "PCinfo"=c:\program files\Panasonic\pcinfo\PcInfoUt.exe "SoundMAXPnP"=c:\program files\Analog Devices\Core\smax4pnp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= . R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-01-07 20744] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-10-09 642560] R2 ISWKL;ZoneAlarm ForceField ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-02-12 26352] R2 IswSvc;ZoneAlarm ForceField IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [2009-02-12 493032] R2 PcInfoPi;Panasonic PC Information Viewer Service 2;c:\program files\Panasonic\pcinfo\PCInfoPi.exe [2007-07-03 54928] R2 PcInfoSV;Panasonic PC Information Viewer;c:\program files\Panasonic\pcinfo\PCInfoSV.exe [2007-07-03 186000] R3 icsak;icsak;c:\program files\CheckPoint\ZAForceField\AK\icsak.sys [2009-02-12 35568] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-07-03 36352] R3 NewMisc;Panasonic Misc Driver;c:\windows\system32\drivers\newmisc.sys [2007-07-03 42624] S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-07 30088] S3 CBEN5;Pilote de la famille de carte CardBus Ethernet 10/100 Xircom;c:\windows\system32\drivers\cben5.sys [2007-09-06 46108] S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?] . Contenu du dossier 'Tâches planifiées' . 2011-05-11 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-29 15:29] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.ca/ IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} - hxxp://e2icommconf.e2impact.com/download/ilinci86.dll DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - prefs.js: network.proxy.type - 0 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-05-11 08:10 Windows 5.1.2600 Service Pack 3 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-2843922286-2270138109-1441698907-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c0,e9,1f,0f,ab,fc,b7,4c,92,26,02,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c0,e9,1f,0f,ab,fc,b7,4c,92,26,02,\ . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'winlogon.exe'(1272) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\program files\CheckPoint\ZAForceField\AK\icsak.dll . - - - - - - - > 'lsass.exe'(1364) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\program files\CheckPoint\ZAForceField\AK\icsak.dll . - - - - - - - > 'explorer.exe'(1180) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\program files\CheckPoint\ZAForceField\AK\icsak.dll c:\progra~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . - - - - - - - > 'csrss.exe'(1148) c:\program files\CheckPoint\ZAForceField\AK\akconsole.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\program files\Photodex\ProShowProducer\ScsiAccess.exe c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoFXM08.exe c:\progra~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe . ************************************************************************** . Heure de fin: 2011-05-11 08:18:30 - La machine a redémarré ComboFix-quarantined-files.txt 2011-05-11 12:18 ComboFix2.txt 2011-05-09 20:27 . Avant-CF: 34 067 697 664 octets libres Après-CF: 34 083 590 144 octets libres . - - End Of File - - 2B0D7B2EC4B3669AFD3ADA9095560D1E

OTL logfile created on: 2011-05-10 13:55:44 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrateur\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 1 014,00 Mb Total Physical Memory | 495,00 Mb Available Physical Memory | 49,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 32,29 Gb Free Space | 43,33% Space Free | Partition Type: NTFS Drive F: | 241,13 Mb Total Space | 155,53 Mb Free Space | 64,50% Space Free | Partition Type: FAT Drive G: | 14,90 Gb Total Space | 1,60 Gb Free Space | 10,73% Space Free | Partition Type: FAT32 Computer Name: PANASONI-D546DF | User Name: Administrateur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe PRC - [2010-08-29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2010-08-29 02:53:14 | 001,039,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010-08-27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe PRC - [2010-08-27 05:34:00 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe PRC - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2009-10-16 10:31:38 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe PRC - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-03-30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-07-10 09:47:18 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-04-13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-20 16:37:38 | 000,726,672 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\WSwitch\WSwitch.exe PRC - [2007-02-21 11:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2007-02-21 11:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2007-02-21 11:13:26 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-02-12 13:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006-12-21 20:47:24 | 000,186,000 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe PRC - [2006-11-28 12:53:52 | 000,054,928 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe PRC - [2003-04-06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe ========== Modules (SafeList) ========== MOD - [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe MOD - [2010-08-27 05:34:08 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll MOD - [2010-08-27 05:33:58 | 000,562,664 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.dll MOD - [2010-08-23 12:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2008-07-25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll MOD - [2008-07-25 11:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll ========== Win32 Services (SafeList) ========== SRV - [2011-05-03 22:50:36 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-08-29 02:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stop_Pending] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2010-08-27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009-10-16 10:31:38 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess) SRV - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-07-10 09:47:18 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2006-12-21 20:47:24 | 000,186,000 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe -- (PcInfoSV) SRV - [2006-11-28 12:53:52 | 000,054,928 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe -- (PcInfoPi) SRV - [2006-10-26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005-04-04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003-03-09 16:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2010-08-27 05:33:54 | 000,035,568 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Running] -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys -- (icsak) DRV - [2010-08-27 05:33:54 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2010-06-09 19:16:12 | 000,528,128 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-10-14 12:29:54 | 000,030,880 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL) DRV - [2009-10-12 18:15:30 | 000,317,072 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009-01-07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus) DRV - [2008-12-07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2008-07-02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2007-10-09 20:56:39 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2007-10-09 20:52:16 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-03-02 16:56:24 | 000,042,624 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\newmisc.sys -- (NewMisc) DRV - [2007-02-25 06:05:24 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Pilote de carte Intel® DRV - [2007-02-21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006-12-22 07:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-12-22 07:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006-12-22 07:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006-11-14 06:48:36 | 000,019,840 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hotkey.sys -- (HOTKEY) DRV - [2005-10-21 07:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM) DRV - [2005-01-31 06:20:03 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928) DRV - [2005-01-31 06:12:46 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2001-08-17 20:13:14 | 000,046,108 | ---- | M] (Xircom, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cben5.sys -- (CBEN5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official" FF - prefs.js..extensions.enabledItems: [email protected]:1.0 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.152.14 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0 FF - prefs.js..extensions.enabledItems: {E37D0722-A3C5-4874-AEEB-718E1BE6100D}:1.9.1 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011-05-05 06:57:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{E37D0722-A3C5-4874-AEEB-718E1BE6100D}: C:\Documents and Settings\Administrateur\Local Settings\Application Data\{E37D0722-A3C5-4874-AEEB-718E1BE6100D} FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-05-05 06:47:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-27 08:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions [2011-05-03 23:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions [2010-04-29 14:29:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-03 13:33:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-01-14 22:15:01 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\extensions\[email protected] [2010-07-28 14:16:06 | 000,001,183 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\searchplugins\4shared.xml [2010-10-30 14:45:19 | 000,002,979 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\rik8mqj4.default\searchplugins\photoxpress.xml [2011-05-05 06:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- [2009-01-23 11:33:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-04-14 12:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010-01-01 04:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010-01-01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010-01-01 04:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010-01-01 04:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010-01-01 04:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010-01-01 04:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml Hosts file not found O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [WSwitch] C:\Program Files\Panasonic\WSwitch\WSwitch.exe (Matsushita Electric Industrial Co., Ltd.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} http://e2icommconf.e2impact.com/download/ilinci86.dll (ILINCInstall86 Class) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-07-03 14:46:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011-05-10 11:45:05 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrateur\Bureau\TDSSKiller.exe [2011-05-10 09:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\DoctorWeb [2011-05-10 07:53:16 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011-05-09 20:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK [2011-05-09 15:47:55 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011-05-09 15:44:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-05-09 15:44:27 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-05-09 15:44:27 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-05-09 15:44:27 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-05-09 15:42:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-05-09 15:42:12 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-05-09 12:03:59 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Administrateur\Bureau\esetsmartinstaller_fra.exe [2011-05-09 08:25:55 | 000,000,000 | ---D | C] -- C:\_OTL [2011-05-08 12:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2011-05-07 15:25:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe [2011-05-06 15:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements [2011-05-05 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2011-05-05 21:36:18 | 001,224,845 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPFix.exe [2011-05-05 21:35:07 | 002,457,557 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPDiag2.exe [2011-05-04 20:08:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-05-04 20:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011-05-04 20:07:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-05-04 20:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-05-04 16:14:51 | 072,022,928 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrateur\Bureau\msert.exe [2011-05-03 22:50:36 | 000,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2011-05-03 18:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\MailFrontier [2011-05-03 14:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2011-05-03 14:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2011-05-03 13:43:57 | 000,072,704 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\zllsputility.exe [2011-05-03 13:43:53 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys [2011-05-03 13:41:53 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll [2011-05-03 13:41:48 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll [2011-05-03 13:41:48 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll [2011-05-03 13:41:33 | 000,043,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll [2011-05-03 13:41:32 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll [2011-05-03 13:41:32 | 000,300,544 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll [2011-05-03 13:41:32 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll [2011-05-03 13:41:32 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll [2011-05-03 13:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs [2011-05-03 13:41:28 | 000,528,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys [2011-05-03 13:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs [2011-05-03 13:40:32 | 000,686,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll [2011-05-03 13:40:32 | 000,229,376 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll [2011-05-03 13:40:32 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll [2011-05-03 13:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs [2011-05-03 12:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2011-05-03 12:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\TuneUp Software [2011-05-03 10:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe [2011-05-03 10:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2011-05-03 10:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2011-05-02 20:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dL28603GgIgF28603 [2011-05-02 20:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes [2011-05-02 20:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011-05-01 21:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft [2011-05-01 21:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft [2011-04-22 09:20:06 | 000,000,000 | ---D | C] -- C:\Impot 2010 [2011-04-13 17:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hewlett-Packard [2011-04-13 17:14:12 | 000,082,380 | ---- | C] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS [2011-04-13 17:01:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2011-04-13 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Hewlett-Packard [2011-04-13 16:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard [2002-08-09 14:58:36 | 000,133,120 | ---- | C] ( ) -- C:\WINDOWS\System32\ZipDLL.dll ========== Files - Modified Within 30 Days ========== [2011-05-10 13:51:12 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-05-10 12:20:34 | 000,000,144 | ---- | M] () -- C:\WINDOWS\System32\pdfl.dat [2011-05-10 12:19:44 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-05-10 12:19:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-05-10 10:02:35 | 000,000,089 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\DrWeb.csv [2011-05-10 09:09:29 | 062,047,064 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\796lgayf.exe [2011-05-09 23:19:23 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe Enregistrer pour le Web 11.0 Prefs [2011-05-09 15:48:03 | 000,000,356 | RHS- | M] () -- C:\boot.ini [2011-05-09 15:43:19 | 004,344,420 | R--- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe [2011-05-09 14:49:52 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Defogger.exe [2011-05-09 12:04:04 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Administrateur\Bureau\esetsmartinstaller_fra.exe [2011-05-08 14:05:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-05-07 15:57:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011-05-07 15:53:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe [2011-05-07 12:22:26 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2011-05-06 15:44:00 | 000,879,081 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe [2011-05-06 13:53:32 | 143,754,240 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\backup outlook.pst [2011-05-05 21:49:33 | 000,000,392 | ---- | M] () -- C:\ZHPRegY1.zhp [2011-05-05 21:49:21 | 000,000,392 | ---- | M] () -- C:\ZHPRegY0.zhp [2011-05-05 21:42:51 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011-05-05 21:36:18 | 001,224,845 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPFix.exe [2011-05-05 21:35:08 | 002,457,557 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\Administrateur\Mes documents\ZHPDiag2.exe [2011-05-05 20:25:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\wininit.ini [2011-05-05 06:47:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011-05-05 06:47:22 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2011-05-04 20:08:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011-05-04 16:16:29 | 072,022,928 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrateur\Bureau\msert.exe [2011-05-03 22:50:36 | 000,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2011-05-03 16:55:51 | 000,000,246 | ---- | M] () -- C:\Boot.bak [2011-05-03 14:30:54 | 019,423,264 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2011-05-03 14:30:54 | 000,228,692 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2011-05-03 13:46:50 | 000,425,725 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2011-05-03 13:43:58 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZoneAlarm Security.lnk [2011-05-03 13:38:35 | 152,520,704 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\ZASPSetup_93_037_000_en.exe [2011-05-03 09:22:04 | 003,801,120 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\cpes_clean.exe [2011-05-01 21:16:42 | 000,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2011-05-01 20:20:09 | 000,126,976 | RHS- | M] () -- C:\WINDOWS\System32\iac25_32X.dll [2011-05-01 14:21:34 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrateur\Bureau\TDSSKiller.exe [2011-04-28 13:17:39 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk [2011-04-25 16:30:48 | 003,026,275 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Camille B&W Selective.jpg [2011-04-14 09:56:14 | 000,330,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-04-14 07:43:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-04-14 07:28:40 | 000,514,142 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011-04-14 07:28:40 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-04-14 07:28:40 | 000,086,374 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011-04-14 07:28:40 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-04-13 17:29:36 | 000,000,531 | ---- | M] () -- C:\hpfr3420.xml [2011-04-13 17:16:51 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk [2011-04-13 17:15:35 | 000,020,471 | ---- | M] () -- C:\WINDOWS\hpoins01.dat [2011-04-13 17:14:28 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Disque de souvenirs HP.lnk [2011-04-13 17:14:12 | 000,082,380 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS [2011-04-13 16:49:58 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk [2011-04-13 16:49:49 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\HP Photo & Imaging.lnk [2011-04-13 16:49:31 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\HP Director.lnk ========== Files Created - No Company Name ========== [2011-05-10 10:02:35 | 000,000,089 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\DrWeb.csv [2011-05-10 08:57:53 | 062,047,064 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\796lgayf.exe [2011-05-09 15:48:03 | 000,000,246 | ---- | C] () -- C:\Boot.bak [2011-05-09 15:47:58 | 000,263,488 | RHS- | C] () -- C:\cmldr [2011-05-09 15:44:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-05-09 15:44:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-05-09 15:44:27 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-05-09 15:44:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-05-09 15:44:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-05-09 15:10:56 | 000,001,000 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-05-09 14:49:52 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Defogger.exe [2011-05-09 14:49:43 | 004,344,420 | R--- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe [2011-05-07 15:57:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011-05-06 15:43:59 | 000,879,081 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\SecurityCheck.exe [2011-05-06 13:50:47 | 143,754,240 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\backup outlook.pst [2011-05-05 21:49:21 | 000,000,392 | ---- | C] () -- C:\ZHPRegY1.zhp [2011-05-05 21:49:21 | 000,000,392 | ---- | C] () -- C:\ZHPRegY0.zhp [2011-05-05 21:42:51 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2011-05-05 06:47:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk [2011-05-05 06:47:22 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2011-05-04 20:08:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011-05-03 13:44:00 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2011-05-03 13:43:58 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZoneAlarm Security.lnk [2011-05-03 13:41:28 | 000,425,725 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml [2011-05-03 13:36:02 | 152,520,704 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ZASPSetup_93_037_000_en.exe [2011-05-03 09:22:03 | 003,801,120 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\cpes_clean.exe [2011-05-02 15:32:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-05-01 21:16:42 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2011-05-01 20:20:09 | 000,126,976 | RHS- | C] () -- C:\WINDOWS\System32\iac25_32X.dll [2011-04-25 16:30:39 | 003,026,275 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Camille B&W Selective.jpg [2011-04-13 17:21:58 | 000,000,531 | ---- | C] () -- C:\hpfr3420.xml [2011-04-13 17:16:51 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hp officejet 4100 series.lnk [2011-04-13 17:14:28 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Disque de souvenirs HP.lnk [2011-04-13 16:49:58 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk [2011-04-13 16:49:49 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\HP Photo & Imaging.lnk [2011-04-13 16:49:30 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\HP Director.lnk [2011-04-13 16:42:55 | 000,020,471 | ---- | C] () -- C:\WINDOWS\hpoins01.dat [2011-04-13 16:42:55 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat [2011-02-09 18:13:02 | 000,429,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010-10-14 20:07:04 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-10-09 11:14:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\drivers\service.ini [2010-08-11 15:13:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2010-08-03 21:30:17 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc [2010-06-18 00:11:37 | 000,000,467 | ---- | C] () -- C:\WINDOWS\exifmanager.ini [2010-05-31 22:10:33 | 000,001,820 | ---- | C] () -- C:\WINDOWS\System32\enc_ba-2_000001.ini [2010-05-31 22:10:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Progs_.ini [2010-05-11 21:43:32 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe Enregistrer pour le Web 11.0 Prefs [2010-03-10 23:58:51 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010-01-13 21:24:31 | 000,000,395 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI [2009-09-08 11:11:33 | 000,000,081 | ---- | C] () -- C:\WINDOWS\ISW_SCM.INI [2009-07-30 13:06:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\KA.INI [2009-05-30 00:42:20 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll [2009-04-27 13:18:34 | 019,423,264 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2009-04-27 13:01:48 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat [2009-04-27 13:01:48 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat [2009-04-27 13:01:47 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat [2009-03-11 21:01:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll [2009-01-29 21:46:44 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin [2008-12-31 13:52:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI [2008-12-08 21:06:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2008-12-07 12:44:54 | 000,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys [2008-10-11 17:11:42 | 000,000,650 | ---- | C] () -- C:\WINDOWS\hegames.ini [2008-10-11 17:08:10 | 000,000,043 | ---- | C] () -- C:\WINDOWS\Preschol.ini [2008-10-11 17:07:51 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin040c.exe [2008-09-08 23:27:33 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat [2008-08-25 17:13:02 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2008-08-12 11:47:04 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe [2008-07-01 13:12:55 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2008-05-27 13:09:19 | 000,000,150 | ---- | C] () -- C:\WINDOWS\Antidote.ini [2008-02-29 23:44:36 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008-02-29 09:07:45 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2008-02-29 09:07:45 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\7B4AE373AC.sys [2008-02-04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2008-01-02 13:43:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini [2007-12-27 22:20:38 | 000,362,173 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc_nav.dat [2007-12-27 22:20:38 | 000,004,698 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc.dat [2007-12-27 22:20:38 | 000,000,679 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\tvwskclkxc_navps.dat [2007-11-28 09:16:09 | 000,242,688 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-11-12 21:23:45 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2007-10-22 22:21:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007-10-09 20:56:39 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys [2007-10-09 20:52:16 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd4349.sys [2007-10-08 21:16:05 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2007-10-08 20:09:40 | 000,018,344 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll [2007-10-08 20:09:40 | 000,018,344 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll [2007-07-03 15:29:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2007-07-03 15:16:20 | 000,000,102 | ---- | C] () -- C:\WINDOWS\System32\softkbd.exe.config [2007-07-03 15:13:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\DMIVIEW.INI [2007-07-03 15:01:14 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2007-07-03 15:01:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll [2007-07-03 14:51:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007-07-03 14:43:21 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007-07-03 10:33:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-07-03 10:32:17 | 000,330,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2004-08-05 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004-08-05 08:00:00 | 000,514,142 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2004-08-05 08:00:00 | 000,444,810 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004-08-05 08:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2004-08-05 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004-08-05 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004-08-05 08:00:00 | 000,086,374 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2004-08-05 08:00:00 | 000,072,686 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004-08-05 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004-08-05 08:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2004-08-05 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004-08-05 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-08-05 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004-08-05 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2003-03-09 16:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [2003-01-21 01:20:21 | 000,000,052 | -H-- | C] () -- C:\WINDOWS\AJ820503.bin [2002-08-09 11:18:36 | 000,122,368 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.dll [2002-06-02 18:05:40 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\chkey1.dll [2001-08-23 03:07:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 03:05:30 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-04-10 18:03:32 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll [2000-10-31 19:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ZipSFX.bin ========== Custom Scans ========== < MD5 for: DTSCSI.SYS > [2007-10-09 20:56:39 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys < MD5 for: SPTD.SYS > [2007-10-09 20:52:16 | 000,642,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys < End of report >

De façon manuelle ou en copiant/collant (et effectivement les fichiers sont bien là), ça me fait toujours le même truc....