Voila le rapport

Hier j'ai déja fait beaucoup de choses (cf post portant le meme nom)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:33, on 24/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceMa­nager.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: (no name) - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\Agnitum\OUTPOS~1.0\feedback.exe /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu1.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\PROGRA~1\Agnitum\OUTPOS~1.0\wl_hook.dll
O21 - SSODL: gnowmebk - {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll (file missing)
O21 - SSODL: pxgdslro - {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
End of file - 17309 bytes

Re,

oui moi aussi j´ai un probleme pour visionner les messages, y a du bug dans l´air.

ca a l´air plutot clean

a l´aide de hijack this coche et fix :

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O3 - Toolbar: (no name) - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O21 - SSODL: gnowmebk - {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll (file missing)
O21 - SSODL: pxgdslro - {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll (file missing)

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

regarde ce tutorial pour mettre ta console java a jour :

http://www.malekal.com/update_JAVA_Flash.php

puis passe cet antispyware si tu ne l´as pas deja passé :

Fais un scan avec cet antispyware :

Telecharge malwarebytes + tutoriel :

-> http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

@+
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

EN GROS VOICI CE QUE J'AI FAIT HIER


Rapport GenProc 1.965 [1] effectué le 23/05/2008 à 18:29:09,14 - Windows XP

Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

# Etape 1/ Télécharge :

- Navilog1 (IL-MAFIOSO) http://pagesperso-orange.fr/il.mafioso/Navifix/Navilog1.exe sur ton bureau. Double clique sur navilog1.exe pour lancer l'installation. Une fois l'installation terminée, le fix s'exécutera automatiquement (si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau). Laisse-toi guider. Au menu principal, choisis 1 et valide.
Patiente jusqu'au message " Analyse Termine le .....". Appuie sur une touche comme demandé, le blocnote va s'ouvrir, poste-le maintenant et passe à la suite.

- VundoFix.exe (Atribune) http://www.atribune.org/ccount/click.php?id=4 sur ton Bureau

- combofix.exe (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe sur ton Bureau

- SmitfrauFix (S!Ri) http://siri.urz.free.fr/Fix/SmitfraudFix.exe
* double-clique sur le fichier "smitfraudfix.exe" et choisis l'option 1, il va lister tous les éléments nuisibles dans un rapport : poste le maintenant.

- MSNFix.zip (!aur3n7) http://sosvirus.changelog.fr/MSNFix.zip et décompresse-le sur le Bureau.


***** Copie ce qui suit dans un fichier texte et redémarre en mode sans échec comme indiqué ici http://www.pcloisirs.eu/mode_sans_echec.htm (choisis ta session courante "Alexis") *****


# Etape 2/

* Double clique sur le raccourci Navilog1, choisis l'option 2 et valide, patiente jusqu'au message : *** Nettoyage Termine le ..... ***, le blocnote va s'ouvrir ; sauvegarde le rapport de manière à le retrouver, referme le blocnote. Ton bureau va réapparaitre

# Etape 3/

* Double-clique VundoFix.exe afin de le lancer, puis clique sur le bouton "Scan for Vundo".
Lorsque le scan est complété, clique sur le bouton "Fix Vundo", une invite te demandera si tu veux supprimer les fichiers, clique YES : le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer : clique OK
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo

* Double clique [b]combofix.exe/b.
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra

# Etape 4/

Double-clique sur le fichier "SmitfraudFix.exe" et choisis l'option 2, réponds oui à tout et laisse-le procéder. Sauvegarde le rapport sur ton bureau.

# Etape 5/

Lance le fichier MSNFix.bat qui se trouve dans le dossier MSNfix, sur le bureau.
- Exécute l'option R.
- Si l'infection est détectée, exécute l'option N.
- Sauvegarde ce rapport sur ton bureau.

# Etape 6/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 7/

Redémarre normalement et poste, dans la même réponse :
- Un nouveau rapport HijackThis, toutes fenêtres et applications fermées http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe ;
- Le contenu du rapport situé dans C:\vundofix.txt ;
- Le contenu du rapport situé dans C:\Combofix.txt ;
- Le rapport SmitfraudFix que tu as sauvegardé sur ton bureau ;
- Le contenu du fichier cleannavi.txt qui se trouve dans Poste de travail C:\ ;
- Le contenu du rapport MSNfix situé sur le Bureau ;


Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

Ok

ca a l´air d´avoir porté ces fruits ;-)

te serait-il possible de poster les rapports de chacuns ?

@+
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

Oui c'est possible
je vais le faire
par contre j'ai de nouveau accès a l'ancien post tout est dessus donc essaie d'y aller
merci

Ok

de mon coté quand j´essaie ca plante grave...
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

VOILA J'ai fait un gros copier coller de l'ancien post
Je sais pas si ca sera très lisible pour toi
Merci d'avance

Gros probleme message windows security alert
par obiwan222
Fil de Discussions
Statut : Non résolu
vendredi 23 mai 2008 à 18:21:18
Bonjour,
Depuis hier soir, sur l'ecran apparait sans arret un message : windows security alert et dit : "Somebody's trying to infect your PC with spyware or harmful...". J'ai deja fait un nettoyage avec CCleaner a plusieurs reprise et scanné avec spybot et adware deux fois tous les deux. Quoiqu'il arrive le message revient. J'ai aussi une icone dans la barre des tache qui clignote : (un hexagone orange avec une croix blanches) et de nouvelles icones sur mon bureau : privacy protector, spyware and malware potection... Si vous pouviez m'aider!!!

Voici aussi mon rapport hijack this


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:55, on 23/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2008\OneClick.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TuneUp Utilities 2008\RegistryCleaner.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O1 - Hosts: 62.75.224.159 www.bns1.net
O1 - Hosts: 62.75.224.159 www.bns2.net
O1 - Hosts: 62.75.224.159 www.bns3.net
O1 - Hosts: 62.75.224.159 www.bns4.net
O1 - Hosts: 62.75.224.159 www.bns5.net
O1 - Hosts: 62.75.224.159 www.bns6.net
O1 - Hosts: 62.75.224.159 www.bns7.net
O1 - Hosts: 62.75.224.159 www.bns8.net
O1 - Hosts: 62.75.224.159 www.cms1.net
O1 - Hosts: 62.75.224.159 www.cms2.net
O1 - Hosts: 62.75.224.159 www.cms3.net
O1 - Hosts: 62.75.224.159 www.cms4.net
O1 - Hosts: 62.75.224.159 www.cms5.net
O1 - Hosts: 62.75.224.159 www.cms6.net
O1 - Hosts: 62.75.224.159 www.cms7.net
O1 - Hosts: 62.75.224.159 www.cms8.net
O1 - Hosts: 62.75.224.159 www.rg1.com
O1 - Hosts: 62.75.224.159 www.rg2.com
O1 - Hosts: 62.75.224.159 www.rg3.com
O1 - Hosts: 62.75.224.159 www.rg4.com
O1 - Hosts: 62.75.224.159 www.rg5.com
O1 - Hosts: 62.75.224.159 www.rg6.com
O1 - Hosts: 62.75.224.159 www.rg7.com
O1 - Hosts: 62.75.224.159 www.rg8.com
O1 - Hosts: 62.75.224.159 www.cjt1.net
O1 - Hosts: 62.75.224.159 www.rgs1.net
O1 - Hosts: 62.75.224.159 www.rgs2.net
O1 - Hosts: 62.75.224.159 www.bns1.net
O1 - Hosts: 62.75.224.159 www.bns2.net
O1 - Hosts: 62.75.224.159 www.cms1.net
O1 - Hosts: 62.75.224.159 www.cms2.net
O1 - Hosts: 62.75.224.159 bns1.net
O1 - Hosts: 62.75.224.159 bns2.net
O1 - Hosts: 62.75.224.159 bns3.net
O1 - Hosts: 62.75.224.159 bns4.net
O1 - Hosts: 62.75.224.159 bns5.net
O1 - Hosts: 62.75.224.159 bns6.net
O1 - Hosts: 62.75.224.159 bns7.net
O1 - Hosts: 62.75.224.159 bns8.net
O1 - Hosts: 62.75.224.159 cms1.net
O1 - Hosts: 62.75.224.159 cms2.net
O1 - Hosts: 62.75.224.159 cms3.net
O1 - Hosts: 62.75.224.159 cms4.net
O1 - Hosts: 62.75.224.159 cms5.net
O1 - Hosts: 62.75.224.159 cms6.net
O1 - Hosts: 62.75.224.159 cms7.net
O1 - Hosts: 62.75.224.159 cms8.net
O1 - Hosts: 62.75.224.159 rg1.com
O1 - Hosts: 62.75.224.159 rg2.com
O1 - Hosts: 62.75.224.159 rg3.com
O1 - Hosts: 62.75.224.159 rg4.com
O1 - Hosts: 62.75.224.159 rg5.com
O1 - Hosts: 62.75.224.159 rg6.com
O1 - Hosts: 62.75.224.159 rg7.com
O1 - Hosts: 62.75.224.159 rg8.com
O1 - Hosts: 62.75.224.159 cjt1.net
O1 - Hosts: 62.75.224.159 rgs1.net
O1 - Hosts: 62.75.224.159 rgs2.net
O1 - Hosts: 62.75.224.159 bns1.net
O1 - Hosts: 62.75.224.159 bns2.net
O1 - Hosts: 62.75.224.159 cms1.net
O1 - Hosts: 62.75.224.159 cms2.net
O1 - Hosts: 62.75.224.159 j800banners.cjt1.net
O1 - Hosts: 62.75.224.159 jadlogix.cjt1.net
O1 - Hosts: 62.75.224.159 jadtegrity.cjt1.net
O1 - Hosts: 62.75.224.159 jaimmedia.cjt1.net
O1 - Hosts: 62.75.224.159 javatar.cjt1.net
O1 - Hosts: 62.75.224.159 jbeet.cjt1.net
O1 - Hosts: 62.75.224.159 jbigpops.cjt1.net
O1 - Hosts: 62.75.224.159 jbouncetek.cjt1.net
O1 - Hosts: 62.75.224.159 jbravenet.cjt1.net
O1 - Hosts: 62.75.224.159 jcdcover.cjt1.net
O1 - Hosts: 62.75.224.159 jclickspring.cjt1.net
O1 - Hosts: 62.75.224.159 jcollegehumor.cjt1.net
O1 - Hosts: 62.75.224.159 jdownloadacc.cjt1.net
O1 - Hosts: 62.75.224.159 jedonkey.cjt1.net
O1 - Hosts: 62.75.224.159 jeuniverse.cjt1.net
O1 - Hosts: 62.75.224.159 jhot.cjt1.net
O1 - Hosts: 62.75.224.159 jicmedia.cjt1.net
O1 - Hosts: 62.75.224.159 jicq.cjt1.net
O1 - Hosts: 62.75.224.159 jieplugin.cjt1.net
O1 - Hosts: 62.75.224.159 jinternetoptimizer.cjt1.net
O1 - Hosts: 62.75.224.159 jmediabuy1.cjt1.net
O1 - Hosts: 62.75.224.159 jmediabuyad.cjt1.net
O1 - Hosts: 62.75.224.159 jmindset.cjt1.net
O1 - Hosts: 62.75.224.159 jmindsettest.cjt1.net
O1 - Hosts: 62.75.224.159 jnictech.cjt1.net
O1 - Hosts: 62.75.224.159 jnova.cjt1.net
O1 - Hosts: 62.75.224.159 jpiolet.cjt1.net
O1 - Hosts: 62.75.224.159 jsanboxer.cjt1.net
O1 - Hosts: 62.75.224.159 jsercee.cjt1.net
O1 - Hosts: 62.75.224.159 jthedelfin.cjt1.net
O1 - Hosts: 62.75.224.159 jwarezp2p.cjt1.net
O1 - Hosts: 62.75.224.159 jwildmedia.cjt1.net
O1 - Hosts: 62.75.224.159 mediabuy-nic.cjt1.net
O1 - Hosts: 62.75.224.159 www.m7z.net
O1 - Hosts: 62.75.224.159 m7z.net
O1 - Hosts: 62.75.224.159 jcms.cydoor.com
O1 - Hosts: 62.75.224.159 cydoor.com
O1 - Hosts: 62.75.224.159 www.cydoor.com
O1 - Hosts: 62.75.224.159 jnova.cjt1.net
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: QXK Olive - {0683B6A6-0FF9-4C6C-9240-B71CA010D48F} - C:\WINDOWS\nldfmtapndk.dll
O2 - BHO: (no name) - {1B55E1E5-3216-4F89-B243-C0DA572F878E} - C:\WINDOWS\system32\qoMdETLd.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: {805e6663-b7c7-5e88-72b4-b57a1a7ded93} - {39ded7a1-a75b-4b27-88e5-7c7b3666e508} - C:\WINDOWS\system32\eeahtbsg.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {8294D83E-4F05-4783-BB7C-DE3EF0B79B64} - C:\WINDOWS\system32\opnonoOg.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BD962BAB-F429-460F-805B-B137087AB623} - C:\WINDOWS\system32\ssqQifdA.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: gktxaspm - {CA5FD8FF-2744-4E18-BDF2-07A02A98AF3A} - C:\WINDOWS\gktxaspm.dll
O4 - HKLM\..\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [54a58e5f] rundll32.exe "C:\WINDOWS\system32\kutubmce.dll",b
O4 - HKLM\..\Run: [BM5796bdc3] Rundll32.exe "C:\WINDOWS\system32\gqfvutdt.dll",s
O4 - HKLM\..\RunOnce: [eISS_cleanup] "C:\DOCUME~1\Alexis\LOCALS~1\Temp\cacu_001.exe" /cleanup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [] "C:\Program Files\Internet Explorer\iexplore.exe" http://www.symantec.com/...
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Xavier WINDAL')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-1006\..\RunOnce: [^SetupICWDesktop] (User 'Xavier WINDAL')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Perrine')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-1008\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe" (User 'Perrine')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrateur')
O4 - HKUS\S-1-5-21-2129557840-4265919523-2197693088-500\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe" (User 'Administrateur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu1.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ssqQifdA - C:\WINDOWS\SYSTEM32\ssqQifdA.dll
O21 - SSODL: gnowmebk - {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll
O21 - SSODL: pxgdslro - {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
End of file - 24874 bytes


SVP AIDER MOI

Configuration: Windows XP
Firefox 2.0.0.14

Répondre à obiwan222 Signaler ce message aux modérateurs Aller au dernier message Ajouter à mes alertes (mes interventions)

1

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par eZula, le vendredi 23 mai 2008 à 18:25:10 Fil de Discussions
Bonjour,

télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau

dézippe le dossier, double-clique sur GenProc.bat et poste le contenu du rapport qui s'ouvre

Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html

Répondre à eZula

2

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 18:30:20 Fil de Discussions
OK c'est en cour

Répondre à obiwan222

3

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 18:31:25 Fil de Discussions
VOICI LE CONTENU

Rapport GenProc 1.965 [1] effectué le 23/05/2008 à 18:29:09,14 - Windows XP

Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

# Etape 1/ Télécharge :

- Navilog1 (IL-MAFIOSO) http://pagesperso-orange.fr/il.mafioso/Navifix/Navilog1.exe sur ton bureau. Double clique sur navilog1.exe pour lancer l'installation. Une fois l'installation terminée, le fix s'exécutera automatiquement (si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau). Laisse-toi guider. Au menu principal, choisis 1 et valide.
Patiente jusqu'au message " Analyse Termine le .....". Appuie sur une touche comme demandé, le blocnote va s'ouvrir, poste-le maintenant et passe à la suite.

- VundoFix.exe (Atribune) http://www.atribune.org/ccount/click.php?id=4 sur ton Bureau

- combofix.exe (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe sur ton Bureau

- SmitfrauFix (S!Ri) http://siri.urz.free.fr/Fix/SmitfraudFix.exe
* double-clique sur le fichier "smitfraudfix.exe" et choisis l'option 1, il va lister tous les éléments nuisibles dans un rapport : poste le maintenant.

- MSNFix.zip (!aur3n7) http://sosvirus.changelog.fr/MSNFix.zip et décompresse-le sur le Bureau.


***** Copie ce qui suit dans un fichier texte et redémarre en mode sans échec comme indiqué ici http://www.pcloisirs.eu/mode_sans_echec.htm (choisis ta session courante "Alexis") *****


# Etape 2/

* Double clique sur le raccourci Navilog1, choisis l'option 2 et valide, patiente jusqu'au message : *** Nettoyage Termine le ..... ***, le blocnote va s'ouvrir ; sauvegarde le rapport de manière à le retrouver, referme le blocnote. Ton bureau va réapparaitre

# Etape 3/

* Double-clique VundoFix.exe afin de le lancer, puis clique sur le bouton "Scan for Vundo".
Lorsque le scan est complété, clique sur le bouton "Fix Vundo", une invite te demandera si tu veux supprimer les fichiers, clique YES : le Bureau disparaîtra un moment lors de la suppression des fichiers
Tu verras une invite qui t'annonce que ton PC va redémarrer : clique OK
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo

* Double clique [b]combofix.exe/b.
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra

# Etape 4/

Double-clique sur le fichier "SmitfraudFix.exe" et choisis l'option 2, réponds oui à tout et laisse-le procéder. Sauvegarde le rapport sur ton bureau.

# Etape 5/

Lance le fichier MSNFix.bat qui se trouve dans le dossier MSNfix, sur le bureau.
- Exécute l'option R.
- Si l'infection est détectée, exécute l'option N.
- Sauvegarde ce rapport sur ton bureau.

# Etape 6/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 7/

Redémarre normalement et poste, dans la même réponse :
- Un nouveau rapport HijackThis, toutes fenêtres et applications fermées http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe ;
- Le contenu du rapport situé dans C:\vundofix.txt ;
- Le contenu du rapport situé dans C:\Combofix.txt ;
- Le rapport SmitfraudFix que tu as sauvegardé sur ton bureau ;
- Le contenu du fichier cleannavi.txt qui se trouve dans Poste de travail C:\ ;
- Le contenu du rapport MSNfix situé sur le Bureau ;


Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

Répondre à obiwan222

4

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par eZula, le vendredi 23 mai 2008 à 18:32:32 Fil de Discussions
suis la procédure

Répondre à eZula

5

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 18:38:39 Fil de Discussions
Merci je poste le rapport navilog dès que possible

Répondre à obiwan222

6

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 18:48:47 Fil de Discussions
Le voila je continue la suite

Search Navipromo version 3.5.7 commencé le

23/05/2008 à 18:39:25,84

!!! Attention,ce rapport peut indiquer des

fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire

analyser !!!
!!! Ne lancez pas la partie désinfection sans

l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Alexis"

Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1

\applic~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1

\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and

Settings\Alexis\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1

\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1

\Perrine\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\XAVIER~1

\applic~1" ***


*** Recherche dossiers dans "C:\Documents and

Settings\Alexis\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1

\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1

\Perrine\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\XAVIER~1

\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and

Settings\Alexis\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1

\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1

\Perrine\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\XAVIER~1

\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware

detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des

fichiers légitimes !!!
!!! A vérifier impérativement avant toute

suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and

Settings\Alexis\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1

\applic~1" *

* Recherche dans "C:\DOCUME~1\Perrine\locals~1

\applic~1" *

* Recherche dans "C:\DOCUME~1\XAVIER~1\locals~1

\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !

*** Recherche clés spécifiques dans le Registre

***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

crfndygucq.dat trouvé !
crfndygucq_nav.dat trouvé !
crfndygucq_navps.dat trouvé !
nxtfjki.dat trouvé !
nxtfjki_nav.dat trouvé !
nxtfjki_navps.dat trouvé !
nxtfjki_navup.dat trouvé !

* Dans "C:\Documents and Settings\Alexis\locals~1

\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\Perrine\locals~1\applic~1" :


* Dans "C:\DOCUME~1\XAVIER~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\gOononpo.ini2 trouvé !

infection Vundo possible non traitée par cet outil

!
C:\WINDOWS\system32\YybJlUtv.ini2 trouvé !

infection Vundo possible non traitée par cet outil

!


*** Analyse terminée le 23/05/2008 à 18:47:31,99

***

Répondre à obiwan222

7

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 18:53:05 Fil de Discussions
Et le rapport SmitFraudFix v2.320

Rapport fait à 18:49:52,70, 23/05/2008
Executé à partir de C:\Documents and Settings\Alexis\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2008\OneClick.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\TuneUp Utilities 2008\RegistryCleaner.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alexis


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alexis\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT !
C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Alexis\Favoris

C:\DOCUME~1\Alexis\Favoris\Error Cleaner.url PRESENT !
C:\DOCUME~1\Alexis\Favoris\Privacy Protector.url PRESENT !
C:\DOCUME~1\Alexis\Favoris\Spyware?Malware Protection.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

C:\DOCUME~1\Alexis\Bureau\Error Cleaner.url PRESENT !
C:\DOCUME~1\Alexis\Bureau\Privacy Protector.url PRESENT !
C:\DOCUME~1\Alexis\Bureau\Spyware?Malware Protection.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Inventel Gateway #4 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

Description: Inventel Gateway #4 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{CDBD75EE-A158-4BE5-8882-51FA5B65951A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E781E867-E1A3-4A9A-A175-6F409C09852B}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A879C299-193F-4CA8-A8DF-59B122C5E41D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CDBD75EE-A158-4BE5-8882-51FA5B65951A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E781E867-E1A3-4A9A-A175-6F409C09852B}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CDBD75EE-A158-4BE5-8882-51FA5B65951A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E781E867-E1A3-4A9A-A175-6F409C09852B}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Répondre à obiwan222

8

*


Ce message vous semble utile, votez !
* Signaler ce message aux modérateurs
*


Par obiwan222, le vendredi 23 mai 2008 à 20:26:28 Fil de Discussions
Me revoila
J'ai tout fait : fix vundo n'a rien trouvé et je n'ai pas pu demarrer en mode sans echec, je suis passé par le mode sans echec avec prise en charge réseau. Pour l'instant ça a l'aire d'avoir disparu.

Voici les rapports demandés

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:49, on 23/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: QXK Olive - {0683B6A6-0FF9-4C6C-9240-B71CA010D48F} - C:\WINDOWS\nldfmtapndk.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: {805e6663-b7c7-5e88-72b4-b57a1a7ded93} - {39ded7a1-a75b-4b27-88e5-7c7b3666e508} - C:\WINDOWS\system32\eeahtbsg.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: (no name) - {4596013b-6c31-408b-a266-deae5c086dc2} - (no file)
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: gktxaspm - {CA5FD8FF-2744-4E18-BDF2-07A02A98AF3A} - C:\WINDOWS\gktxaspm.dll (file missing)
O4 - HKLM\..\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [54a58e5f] rundll32.exe "C:\WINDOWS\system32\kutubmce.dll",b
O4 - HKLM\..\Run: [BM5796bdc3] Rundll32.exe "C:\WINDOWS\system32\gqfvutdt.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu1.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: gnowmebk - {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll (file missing)
O21 - SSODL: pxgdslro - {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNet

Ok

as tu fais l´option deux de navilog ainsi que celle de smitfraudfix?
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

Oui en mode sans echec et ça a du marché puisque je n'ai plus les fenetres intempestives

Ok

tu as le rapport de combofix ?
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

Ui : plusieurs.. parce qu'on m'a demandé de le faire plusieurs fois :

ComboFix 08-05-21.3 - Alexis 2008-05-24 9:43:11.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.452 [GMT 2:00]
Endroit: C:\Documents and Settings\Alexis\Bureau\Reparation\ComboFix.exe
Command switches used :: C:\Documents and Settings\Alexis\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color

FILE ::
C:\WINDOWS\BM5796bdc3.xml
C:\WINDOWS\system32\ecmbutuk.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alexis\Application Data\inst.exe
C:\Documents and Settings\Perrine\Application Data\addon.dat
C:\Documents and Settings\Xavier\Application Data\addon.dat
C:\VundoFix Backups
C:\WINDOWS\BM5796bdc3.xml
C:\WINDOWS\system32\ecmbutuk.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-23 19:56 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-05-23 18:50 . 2008-05-23 19:57 3,550 --a------ C:\WINDOWS\system32\tmp.reg
2008-05-23 18:50 . 2008-05-23 19:57 0 --a------ C:\WINDOWS\system32\tmp.MSNFix
2008-05-23 18:49 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-05-23 18:49 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-05-23 18:49 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-23 18:49 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-05-23 18:49 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-05-23 18:36 . 2008-05-23 19:22 <REP> d-------- C:\Program Files\Navilog1
2008-05-23 18:10 . 2008-05-23 18:10 <REP> d-------- C:\Program Files\Trend Micro
2008-05-22 23:39 . 2008-05-22 23:39 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons
2008-05-22 21:26 . 2008-05-22 21:26 <REP> d-------- C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ
2008-05-22 21:12 . 2008-05-22 21:12 0 --a------ C:\WINDOWS\pestpatrol5.INI
2008-05-22 21:04 . 2008-05-22 21:04 <REP> d-------- C:\Program Files\CA
2008-05-22 20:58 . 2008-05-22 20:58 <REP> d-------- C:\Documents and Settings\Alexis\Total Uninstall 4.8.0.562 Multilingual
2008-05-22 20:57 . 2008-05-22 21:16 17,706,611 --a------ C:\Documents and Settings\Alexis\Agnitum Outpost Firewall Pro v4.0.1025.zip
2008-05-22 19:37 . 2008-05-24 09:40 3,616 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
2008-05-22 19:33 . 2008-05-23 21:56 <REP> d-------- C:\WINDOWS\system32\CatRoot2
2008-05-22 19:31 . 2008-05-24 09:36 2,148 --a------ C:\WINDOWS\system32\wpa.dbl
2008-05-22 18:03 . 2008-05-22 18:03 143 --a------ C:\term.bat
2008-05-22 17:35 . 2008-05-22 17:35 <REP> d-------- C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR
2008-05-22 17:32 . 2008-05-22 17:32 <REP> d-------- C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD
2008-05-21 20:09 . 2008-05-21 20:09 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\DVDFab
2008-05-21 19:31 . 2008-05-21 19:31 <REP> d-------- C:\Program Files\DVDFab Platinum 4
2008-05-21 19:31 . 2008-05-21 20:17 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vso
2008-05-21 19:31 . 2008-05-21 19:31 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-05-21 19:31 . 2008-05-21 19:31 47,360 --a------ C:\Documents and Settings\Alexis\Application Data\pcouffin.sys
2008-05-21 19:29 . 2008-05-21 19:29 <REP> d-------- C:\Documents and Settings\Alexis\DVDFab Platinium 4.0.5.5 Full-Ghosthunter
2008-05-18 18:42 . 2008-05-18 18:42 <REP> d-------- C:\Program Files\Nero
2008-05-10 12:27 . 2008-05-10 12:27 <REP> d--hs---- C:\found.000
2008-05-08 10:40 . 2008-05-08 10:40 <REP> d-------- C:\Program Files\TagRename
2008-05-08 10:11 . 2008-05-08 10:11 495,104 --a------ C:\WINDOWS\system32\mp3tsshx.dll
2008-05-08 10:08 . 2008-05-08 10:08 <REP> d-------- C:\Program Files\Media Tagger
2008-05-07 17:56 . 2005-02-22 12:36 765,952 --a------ C:\WINDOWS\system32\CDDBUI.dll
2008-05-07 17:56 . 2005-02-22 12:37 589,824 --a------ C:\WINDOWS\system32\CDDBControl.dll
2008-05-07 17:56 . 2006-09-05 08:49 503,808 --a------ C:\WINDOWS\system32\MLAG2.ocx
2008-05-07 17:56 . 2000-12-05 20:00 415,176 --a------ C:\WINDOWS\system32\COMCT332.OCX
2008-05-07 17:56 . 2001-07-09 02:18 141,408 --a------ C:\WINDOWS\system32\dXPSystm.dll
2008-05-07 17:56 . 2004-03-09 01:00 132,880 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-07 17:56 . 1998-06-17 20:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-05-07 16:50 . 2008-05-07 16:50 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\AQUATRA
2008-05-04 11:32 . 2008-05-04 11:32 <REP> d-------- C:\WINDOWS\IP Changer
2008-05-04 09:19 . 2008-05-04 09:19 <REP> d-------- C:\WINDOWS\Caps
2008-05-03 10:38 . 2008-05-03 10:38 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-02 18:56 . 2007-07-19 22:42 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-05-01 20:32 . 2008-05-01 20:32 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Sunbelt Software
2008-04-27 14:40 . 2008-04-27 14:40 <REP> d-------- C:\WINDOWS\system32\Akamai Technologies
2008-04-27 12:08 . 2008-05-04 11:34 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\tor
2008-04-27 12:07 . 2008-04-27 12:07 <REP> d-------- C:\Program Files\Vidalia Bundle
2008-04-27 12:07 . 2008-05-04 11:35 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vidalia

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-05-23 17:30 --------- d-----w C:\Program Files\Google
2008-05-23 17:00 --------- d-----w C:\Program Files\Conduit
2008-05-23 16:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-23 08:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-22 19:28 6,584 ----a-w C:\Documents and Settings\Incomplete\downloads.dat
2008-05-22 18:55 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-22 16:53 --------- d-----w C:\Program Files\FreeCommander
2008-05-22 16:40 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Orbit
2008-05-21 19:05 --------- d-----w C:\Program Files\Notepad++
2008-05-21 19:05 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Notepad++
2008-05-21 18:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\UniversalisV13
2008-05-10 11:50 --------- d-----w C:\Program Files\Opera
2008-05-10 11:36 --------- d-----w C:\Program Files\Audible
2008-05-10 08:45 --------- d-----w C:\Documents and Settings\Perrine\Application Data\Orbit
2008-05-09 06:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-02 10:04 --------- d-----w C:\Program Files\LimeWire
2008-04-29 11:10 --------- d-----w C:\Program Files\Creative
2008-04-28 17:53 --------- d-----w C:\Program Files\ScanSoft
2008-04-28 17:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-04-25 16:04 --------- d-----w C:\Program Files\Apple Software Update
2008-04-20 11:56 --------- d-----w C:\Program Files\iTunes
2008-04-20 11:56 --------- d-----w C:\Program Files\iPod
2008-04-20 11:53 --------- d-----w C:\Program Files\QuickTime
2008-04-11 19:08 --------- d-----w C:\Program Files\Picasa2
2008-04-08 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-04-08 17:32 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TechSmith
2008-04-08 16:15 --------- d-----w C:\Program Files\TechSmith
2008-04-08 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-04-08 16:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-31 15:55 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-03-29 14:59 --------- d-----w C:\Program Files\Activision
2008-03-29 14:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\FarStone
2008-03-29 14:44 5,501 ----a-w C:\WINDOWS\system32\dptlcg32.dll
2008-03-29 14:44 --------- d-----w C:\Program Files\FarStone
2008-03-29 14:42 --------- d-----w C:\Program Files\temp
2008-03-28 18:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-28 06:47 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-03-28 06:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\DAEMON Tools
2008-03-26 15:52 --------- d-----w C:\Program Files\EasyPHP 2.0b1
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-24 10:42 307,968 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-24 10:42 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TuneUp Software
2008-03-23 20:39 74,703 ----a-w C:\WINDOWS\system32\mfc45.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-16 11:33 57,344 ----a-w C:\Documents and Settings\Alexis\lametritonus.dll
2008-03-16 11:33 162,304 ----a-w C:\Documents and Settings\Alexis\lame_enc.dll
2008-03-09 11:27 772 ----a-w C:\Documents and Settings\Alexis\Application Data\wklnhst.dat
2008-03-07 17:46 461 ----a-w C:\Documents and Settings\Alexis\Jscript.reg
2008-03-01 12:58 826,368 ------w C:\WINDOWS\system32\wininet.dll
2008-02-27 12:15 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2007-12-24 18:57 4,532,651 ----a-w C:\Program Files\EasyWMVDemo.dmg
2007-12-24 17:56 54,330,664 ----a-w C:\Program Files\iTunesSetup.exe
2007-09-29 10:23 498,552 ----a-w C:\Program Files\setup.exe
2007-05-14 18:11 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-05-05 19:01 16,590,480 ----a-w C:\Program Files\jre-1_5_0_10-windows-i586-p-s.exe
2007-05-05 18:31 6,943,028 ----a-w C:\Program Files\installpro.exe
2007-04-19 10:50 53,062 ----a-w C:\Program Files\__def.rip2
2007-04-19 10:46 493 ----a-w C:\Program Files\versions.xml
2007-04-19 10:44 19,473,146 ----a-w C:\Program Files\RI4M_v501d_setup.exe
2007-03-07 17:19 295 ----a-w C:\Program Files\iepatch.reg
2007-03-02 12:06 8,344,627 ----a-w C:\Program Files\sfs6int.exe
2007-02-23 09:23 535,512 ----a-w C:\Program Files\pllangs.exe
2006-10-26 17:33 0 ----a-w C:\Documents and Settings\Perrine\Application Data\wklnhst.dat
2006-10-21 19:20 0 ----a-w C:\Documents and Settings\Xavier\Application Data\wklnhst.dat
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\CONFIG.SYS
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\AUTOEXEC.BAT
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2008-02-16 13:49 11,270 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-23_19.55.56.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-23 17:40:15 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-24 07:34:51 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-24 07:35:53 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_898.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 13:11 176128]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2005-12-13 23:43 217088]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-03-14 20:10 116328]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:34 64512]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"WD Button Manager"="WDBtnMgr.exe" [2008-01-31 19:26 364544 C:\WINDOWS\system32\WDBtnMgr.exe]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 18:34 213936]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-17 13:47 118784]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"gnowmebk"= {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll [ ]
"pxgdslro"= {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2005-05-20 18:42 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.DIV3"= DivXc32.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^Memeo AutoSync Launcher.lnk]
backup=C:\WINDOWS\pss\Memeo AutoSync Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^WD Anywhere Backup Launcher.lnk]
backup=C:\WINDOWS\pss\WD Anywhere Backup Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Orbit.lnk]
backup=C:\WINDOWS\pss\Orbit.lnkCommon Startup
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Orbit.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\54a58e5f]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcctMgr]
C:\Program Files\Norton Password Manager\AcctMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2008-01-30 20:36 2476408 C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-23 21:33 57344 C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2006-10-23 01:48 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-06-08 10:18 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-10 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
--a------ 2007-12-23 01:03 916240 C:\Program Files\Eraser\eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-26 00:13 29744 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-02-12 14:38 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2004-03-23 10:05 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
--a------ 2004-02-20 15:12 32768 C:\Program Files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-02-08 01:12 488984 C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-02-08 01:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
--a------ 2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe]
-ra------ 2004-07-06 15:15 40960 C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-02-26 03:23 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFS6]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
--a------ 2003-09-29 17:00 155648 C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 File Redirection Starter]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 HotKeys]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 PasswordManagerFFAutoFill]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-06 19:38 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 2008-03-03 10:41 197888 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
--a------ 2005-12-27 14:58 69632 C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMConsole.exe]
--a------ 2005-12-21 13:26 339968 C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--------- 2006-11-03 10:59 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\Program Files\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 1

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-07-19 22:42]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 15:07]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:55]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2007-01-24 14:46]
S0 gdxwdm;GDXWDM;C:\WINDOWS\system32\DRIVERS\GDXWDM.sys []
S3 AdWatchDrv;AW Realtime Driver;C:\WINDOWS\system32\drivers\AWRTPD.sys [2007-07-11 14:37]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 16:18]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-01-24 19:53]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-26 00:13]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 20:10]
S3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2005-12-27 08:22]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 18:23]
S3 tap0801;TAP-Win32 Adapter V8;C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-03-27 17:03]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-24 12:42]
S4 AutoSyncService;Memeo AutoSync service;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-20 15:01:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-24 07:35:42 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-05-24 07:35:42 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-22 15:18:36 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-23 18:32:32 C:\WINDOWS\Tasks\User_Feed_Synchronization-{84670574-7F27-4867-93B0-670B7ECFB683}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 09:47:00
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-24 9:50:10
ComboFix-quarantined-files.txt 2008-05-24 07:50:00
ComboFix2.txt 2008-05-23 19:22:00
ComboFix3.txt 2008-05-23 17:56:13

Pre-Run: 8,518,787,072 octets libres
Post-Run: 8,501,657,600 octets libres

360 --- E O F --- 2008-05-16 04:48:39


ComboFix 08-05-21.3 - Alexis 2008-05-23 21:03:04.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.411 [GMT 2:00]
Endroit: C:\Documents and Settings\Alexis\Bureau\Reparation\ComboFix.exe
Command switches used :: C:\Documents and Settings\Alexis\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color

FILE ::
C:\WINDOWS\eavx.exe
C:\WINDOWS\gktxaspm.dll
C:\WINDOWS\gnowmebk.dll
C:\WINDOWS\mdtgkswr.exe
C:\WINDOWS\nldfmtapndk.dll
C:\WINDOWS\pxgdslro.dll
C:\WINDOWS\system32\eeahtbsg.dll
C:\WINDOWS\system32\gqfvutdt.dll
C:\WINDOWS\system32\kutubmce.dll
C:\WINDOWS\system32\mtogwxlu.dll
C:\WINDOWS\system32\tcjqhmtt.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alexis\ANTI-SPYWARE eTrust.PestPatrol. v8.0.0.6(with serial keys)
C:\Documents and Settings\Alexis\ANTI-SPYWARE eTrust.PestPatrol. v8.0.0.6(with serial keys)\eTrust.PestPatrol.Anti-Spyware.v8.0.0.6.rar
C:\Documents and Settings\Alexis\ANTI-SPYWARE eTrust.PestPatrol. v8.0.0.6(with serial keys)\eTrust.PestPatrol.Anti-Spyware.v8.0.0.6\pptrialr8.exe
C:\Documents and Settings\Alexis\ANTI-SPYWARE eTrust.PestPatrol. v8.0.0.6(with serial keys)\eTrust.PestPatrol.Anti-Spyware.v8.0.0.6\READ ME!!!.txt
C:\WINDOWS\eavx.exe
C:\WINDOWS\mdtgkswr.exe
C:\WINDOWS\nldfmtapndk.dll
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\eeahtbsg.dll
C:\WINDOWS\system32\gqfvutdt.dll
C:\WINDOWS\system32\kutubmce.dll
C:\WINDOWS\system32\mtogwxlu.dll
C:\WINDOWS\system32\tcjqhmtt.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-23 to 2008-05-23 ))))))))))))))))))))))))))))))))))))
.

2008-05-23 20:18 . 2008-05-23 21:03 354 ---hs---- C:\WINDOWS\system32\ecmbutuk.ini
2008-05-23 20:18 . 2008-05-23 20:18 0 --a------ C:\WINDOWS\BM5796bdc3.xml
2008-05-23 19:56 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-05-23 19:23 . 2008-05-23 19:23 <REP> d-------- C:\VundoFix Backups
2008-05-23 18:50 . 2008-05-23 19:57 3,550 --a------ C:\WINDOWS\system32\tmp.reg
2008-05-23 18:50 . 2008-05-23 19:57 0 --a------ C:\WINDOWS\system32\tmp.MSNFix
2008-05-23 18:49 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-05-23 18:49 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-05-23 18:49 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-23 18:49 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-05-23 18:49 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-05-23 18:36 . 2008-05-23 19:22 <REP> d-------- C:\Program Files\Navilog1
2008-05-23 18:10 . 2008-05-23 18:10 <REP> d-------- C:\Program Files\Trend Micro
2008-05-22 23:39 . 2008-05-22 23:39 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons
2008-05-22 21:26 . 2008-05-22 21:26 <REP> d-------- C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ
2008-05-22 21:12 . 2008-05-22 21:12 0 --a------ C:\WINDOWS\pestpatrol5.INI
2008-05-22 21:04 . 2008-05-22 21:04 <REP> d-------- C:\Program Files\CA
2008-05-22 20:58 . 2008-05-22 20:58 <REP> d-------- C:\Documents and Settings\Alexis\Total Uninstall 4.8.0.562 Multilingual
2008-05-22 20:57 . 2008-05-22 21:16 17,706,611 --a------ C:\Documents and Settings\Alexis\Agnitum Outpost Firewall Pro v4.0.1025.zip
2008-05-22 19:37 . 2008-05-23 20:21 3,616 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
2008-05-22 19:33 . 2008-05-23 19:55 <REP> d-------- C:\WINDOWS\system32\CatRoot2
2008-05-22 19:31 . 2008-05-23 20:18 2,148 --a------ C:\WINDOWS\system32\wpa.dbl
2008-05-22 18:03 . 2008-05-22 18:03 143 --a------ C:\term.bat
2008-05-22 17:35 . 2008-05-22 17:35 <REP> d-------- C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR
2008-05-22 17:32 . 2008-05-22 17:32 <REP> d-------- C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD
2008-05-21 20:09 . 2008-05-21 20:09 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\DVDFab
2008-05-21 19:31 . 2008-05-21 19:31 <REP> d-------- C:\Program Files\DVDFab Platinum 4
2008-05-21 19:31 . 2008-05-21 20:17 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vso
2008-05-21 19:31 . 2008-05-21 19:31 87,608 --a------ C:\Documents and Settings\Alexis\Application Data\inst.exe
2008-05-21 19:31 . 2008-05-21 19:31 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-05-21 19:31 . 2008-05-21 19:31 47,360 --a------ C:\Documents and Settings\Alexis\Application Data\pcouffin.sys
2008-05-21 19:29 . 2008-05-21 19:29 <REP> d-------- C:\Documents and Settings\Alexis\DVDFab Platinium 4.0.5.5 Full-Ghosthunter
2008-05-18 18:42 . 2008-05-18 18:42 <REP> d-------- C:\Program Files\Nero
2008-05-18 18:42 . 2008-05-18 18:44 <REP> d-------- C:\Program Files\Fichiers communs\Nero
2008-05-10 12:27 . 2008-05-10 12:27 <REP> d--hs---- C:\found.000
2008-05-08 10:40 . 2008-05-08 10:40 <REP> d-------- C:\Program Files\TagRename
2008-05-08 10:11 . 2008-05-08 10:11 495,104 --a------ C:\WINDOWS\system32\mp3tsshx.dll
2008-05-08 10:08 . 2008-05-08 10:08 <REP> d-------- C:\Program Files\Media Tagger
2008-05-07 17:56 . 2005-02-22 12:36 765,952 --a------ C:\WINDOWS\system32\CDDBUI.dll
2008-05-07 17:56 . 2005-02-22 12:37 589,824 --a------ C:\WINDOWS\system32\CDDBControl.dll
2008-05-07 17:56 . 2006-09-05 08:49 503,808 --a------ C:\WINDOWS\system32\MLAG2.ocx
2008-05-07 17:56 . 2000-12-05 20:00 415,176 --a------ C:\WINDOWS\system32\COMCT332.OCX
2008-05-07 17:56 . 2001-07-09 02:18 141,408 --a------ C:\WINDOWS\system32\dXPSystm.dll
2008-05-07 17:56 . 2004-03-09 01:00 132,880 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-07 17:56 . 1998-06-17 20:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-05-07 16:50 . 2008-05-07 16:50 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\AQUATRA
2008-05-04 11:32 . 2008-05-04 11:32 <REP> d-------- C:\WINDOWS\IP Changer
2008-05-04 09:19 . 2008-05-04 09:19 <REP> d-------- C:\WINDOWS\Caps
2008-05-03 10:38 . 2008-05-03 10:38 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-02 18:56 . 2007-07-19 22:42 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-05-01 20:32 . 2008-05-01 20:32 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Sunbelt Software
2008-04-27 14:40 . 2008-04-27 14:40 <REP> d-------- C:\WINDOWS\system32\Akamai Technologies
2008-04-27 12:08 . 2008-05-04 11:34 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\tor
2008-04-27 12:07 . 2008-04-27 12:07 <REP> d-------- C:\Program Files\Vidalia Bundle
2008-04-27 12:07 . 2008-05-04 11:35 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vidalia

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 17:30 --------- d-----w C:\Program Files\Google
2008-05-23 17:00 --------- d-----w C:\Program Files\Conduit
2008-05-23 16:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-23 08:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-22 19:28 6,584 ----a-w C:\Documents and Settings\Incomplete\downloads.dat
2008-05-22 18:55 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-22 16:53 --------- d-----w C:\Program Files\FreeCommander
2008-05-22 16:40 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Orbit
2008-05-21 19:05 --------- d-----w C:\Program Files\Notepad++
2008-05-21 19:05 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Notepad++
2008-05-21 18:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\UniversalisV13
2008-05-18 16:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-05-10 11:50 --------- d-----w C:\Program Files\Opera
2008-05-10 11:36 --------- d-----w C:\Program Files\Audible
2008-05-10 08:45 --------- d-----w C:\Documents and Settings\Perrine\Application Data\Orbit
2008-05-09 06:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-02 10:04 --------- d-----w C:\Program Files\LimeWire
2008-04-29 11:10 --------- d-----w C:\Program Files\Creative
2008-04-28 17:53 --------- d-----w C:\Program Files\ScanSoft
2008-04-28 17:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-04-25 16:04 --------- d-----w C:\Program Files\Apple Software Update
2008-04-20 11:56 --------- d-----w C:\Program Files\iTunes
2008-04-20 11:56 --------- d-----w C:\Program Files\iPod
2008-04-20 11:53 --------- d-----w C:\Program Files\QuickTime
2008-04-11 19:08 --------- d-----w C:\Program Files\Picasa2
2008-04-08 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-04-08 17:32 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TechSmith
2008-04-08 16:15 --------- d-----w C:\Program Files\TechSmith
2008-04-08 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-04-08 16:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-31 15:55 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-03-29 14:59 --------- d-----w C:\Program Files\Activision
2008-03-29 14:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\FarStone
2008-03-29 14:44 --------- d-----w C:\Program Files\FarStone
2008-03-29 14:42 --------- d-----w C:\Program Files\temp
2008-03-28 18:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-28 06:47 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-03-28 06:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\DAEMON Tools
2008-03-26 15:52 --------- d-----w C:\Program Files\EasyPHP 2.0b1
2008-03-24 10:42 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TuneUp Software
2008-03-23 20:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\iolo
2008-03-23 20:39 --------- d-----w C:\Documents and Settings\Alexis\Application Data\iolo
2008-03-23 19:55 --------- d-----w C:\Program Files\DupeEliminator
2008-03-23 19:47 --------- d-----w C:\Program Files\RomStation
2008-03-16 11:33 57,344 ----a-w C:\Documents and Settings\Alexis\lametritonus.dll
2008-03-16 11:33 162,304 ----a-w C:\Documents and Settings\Alexis\lame_enc.dll
2008-03-09 11:27 772 ----a-w C:\Documents and Settings\Alexis\Application Data\wklnhst.dat
2008-03-07 17:46 461 ----a-w C:\Documents and Settings\Alexis\Jscript.reg
2007-12-24 18:57 4,532,651 ----a-w C:\Program Files\EasyWMVDemo.dmg
2007-12-24 17:56 54,330,664 ----a-w C:\Program Files\iTunesSetup.exe
2007-09-29 10:23 498,552 ----a-w C:\Program Files\setup.exe
2007-06-13 13:22 22,040 ---ha-w C:\Documents and Settings\Xavier\Application Data\addon.dat
2007-06-13 13:22 22,040 ---h--w C:\Documents and Settings\Perrine\Application Data\addon.dat
2007-05-14 18:11 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-05-05 19:01 16,590,480 ----a-w C:\Program Files\jre-1_5_0_10-windows-i586-p-s.exe
2007-05-05 18:31 6,943,028 ----a-w C:\Program Files\installpro.exe
2007-04-19 10:50 53,062 ----a-w C:\Program Files\__def.rip2
2007-04-19 10:46 493 ----a-w C:\Program Files\versions.xml
2007-04-19 10:44 19,473,146 ----a-w C:\Program Files\RI4M_v501d_setup.exe
2007-03-07 17:19 295 ----a-w C:\Program Files\iepatch.reg
2007-03-02 12:06 8,344,627 ----a-w C:\Program Files\sfs6int.exe
2007-02-23 09:23 535,512 ----a-w C:\Program Files\pllangs.exe
2006-10-26 17:33 0 ----a-w C:\Documents and Settings\Perrine\Application Data\wklnhst.dat
2006-10-21 19:20 0 ----a-w C:\Documents and Settings\Xavier\Application Data\wklnhst.dat
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\CONFIG.SYS
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\AUTOEXEC.BAT
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2008-02-16 13:49 11,270 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-23_19.55.56.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-23 17:40:15 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-23 19:11:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-23 19:13:16 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_a04.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 13:11 176128]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2005-12-13 23:43 217088]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-03-14 20:10 116328]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:34 64512]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"WD Button Manager"="WDBtnMgr.exe" [2008-01-31 19:26 364544 C:\WINDOWS\system32\WDBtnMgr.exe]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 18:34 213936]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-17 13:47 118784]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"gnowmebk"= {36A732A7-0590-4960-975B-D846C72DA9EC} - C:\WINDOWS\gnowmebk.dll [ ]
"pxgdslro"= {B76C1C4D-BDEE-4F5B-804C-C10BAF9DF47B} - C:\WINDOWS\pxgdslro.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2005-05-20 18:42 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.DIV3"= DivXc32.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^Memeo AutoSync Launcher.lnk]
backup=C:\WINDOWS\pss\Memeo AutoSync Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^WD Anywhere Backup Launcher.lnk]
backup=C:\WINDOWS\pss\WD Anywhere Backup Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Orbit.lnk]
backup=C:\WINDOWS\pss\Orbit.lnkCommon Startup
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Orbit.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\54a58e5f]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcctMgr]
C:\Program Files\Norton Password Manager\AcctMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2008-01-30 20:36 2476408 C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2006-10-23 01:48 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-06-08 10:18 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-10 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
--a------ 2007-12-23 01:03 916240 C:\Program Files\Eraser\eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-26 00:13 29744 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-02-12 14:38 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2004-03-23 10:05 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
--a------ 2004-02-20 15:12 32768 C:\Program Files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-02-08 01:12 488984 C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-02-08 01:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
--a------ 2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe]
-ra------ 2004-07-06 15:15 40960 C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-02-26 03:23 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFS6]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
--a------ 2003-09-29 17:00 155648 C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 File Redirection Starter]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 HotKeys]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 PasswordManagerFFAutoFill]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-06 19:38 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 2008-03-03 10:41 197888 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
--a------ 2005-12-27 14:58 69632 C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMConsole.exe]
--a------ 2005-12-21 13:26 339968 C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--------- 2006-11-03 10:59 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\Program Files\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 1

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-07-19 22:42]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 15:07]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:55]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2007-01-24 14:46]
S0 gdxwdm;GDXWDM;C:\WINDOWS\system32\DRIVERS\GDXWDM.sys []
S3 AdWatchDrv;AW Realtime Driver;C:\WINDOWS\system32\drivers\AWRTPD.sys [2007-07-11 14:37]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 16:18]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-01-24 19:53]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-26 00:13]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 20:10]
S3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2005-12-27 08:22]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 18:23]
S3 tap0801;TAP-Win32 Adapter V8;C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-03-27 17:03]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-24 12:42]
S4 AutoSyncService;Memeo AutoSync service;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-20 15:01:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-23 19:00:01 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-05-23 18:16:17 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-22 15:18:36 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-23 18:32:32 C:\WINDOWS\Tasks\User_Feed_Synchronization-{84670574-7F27-4867-93B0-670B7ECFB683}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-23 21:11:54
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPROXY.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Share

Ok

Copie le texte ci-dessous :

File::
C:\WINDOWS\system32\ecmbutuk.ini
C:\WINDOWS\BM5796bdc3.xml
C:\WINDOWS\system32\tmp.reg
C:\term.bat

Folder::
C:\VundoFix Backups
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR
C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD
C:\Program Files\temp

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.­gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

puis fais ce que je t´ai indiqué au post 3

donc post le rapport de combofix, celui de malwarebytes et un nouveau rapport hijack this

@+
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

OK cela risque de prendre un peu de temps (malwarebytes met un certain temps). Donc n'hésite pas a revenir si tu part. Merci pour tout

Oui je sais ca va etre long...
je vais m´absenter a un moment, samedi soir oblige, mais je repasserais, et puis je pars pas de suite...
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

Re voici les rapports attendu
J'espère que tu es toujours la,

ComboFix 08-05-21.3 - Alexis 2008-05-24 18:46:08.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.420 [GMT 2:00]
Endroit: C:\Documents and Settings\Alexis\Bureau\Reparation\ComboFix.exe
Command switches used :: C:\Documents and Settings\Alexis\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color

FILE ::
C:\term.bat
C:\WINDOWS\BM5796bdc3.xml
C:\WINDOWS\system32\ecmbutuk.ini
C:\WINDOWS\system32\tmp.reg
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alexis\Application Data\inst.exe
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\360Share Pro.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\CCleaner.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\DVDFab Platinum 4.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\FairUse Wizard 2.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\FreeCommander.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\Orbit.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\Spybot - Search & Destroy.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\SpywareBlaster.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\Tag&Rename.lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\TuneUp Utilities 2008 (2).lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\Windows Live Messenger .lnk
C:\Documents and Settings\Alexis\Application Data\TmpRecentIcons\WinSCP.lnk
C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD
C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD\.datIndiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XVID.CaRNaGE.Upload (Steph53)..avi
C:\Documents and Settings\Incomplete\CLWYQCLC7UG35RQEH2ARY3AOKITA55DD\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XVID.CaRNaGE.Upload (Steph53)..avi
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\.datsbpro
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\sbpro\sbpro.exe
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\sbpro\snd-spyblockerpro2.x.universalpatch\file_id.diz
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\sbpro\snd-spyblockerpro2.x.universalpatch\RegInfo.txt
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\sbpro\snd-spyblockerpro2.x.universalpatch\snd.nfo
C:\Documents and Settings\Incomplete\FTACHJK44J4ZXNUO3GN5VBRWRYDOELFZ\sbpro\snd-spyblockerpro2.x.universalpatch\SpyBlocker Pro 2.x Patch.exe
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR\.datIndiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XviD-CaRNaGe
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XviD-CaRNaGe\carnage-indy4.avi
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XviD-CaRNaGe\carnage-indy4.nfo
C:\Documents and Settings\Incomplete\JOR2K44V4QZDISGCTFQFUEX33JGWWBGR\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.FRENCH.CAM.XviD-CaRNaGe\Sample\carnage-indy4-sample.avi
C:\Program Files\temp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\[u]0/ux0409.ini
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\1033.mst
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\about.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\About_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Building_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\BuildProcess_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\BuildVCD_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\BuildVCDFromCD_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Chttpdownload_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Common_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Create_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\DcsplnRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\ESD\evalbg.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Eula.rtf
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Eval_rc.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\fsExFnRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\fsmesrc.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\FsVcdCntntRc.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\GDIErrorRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\gdtask_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\IsoGenRc.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\LiveUpdate_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\logo.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Mgr.CHM
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\MGR_RC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\RcacheRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Readme.txt
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\Reseller\evalbg.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\taskmap.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\VCDPROPRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\VCkNFSExRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\VGDShlRc.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\WebRegRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\409\XDriveRC.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\About.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\atl.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Building.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\BuildProcess.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\BuildVCD.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\BuildVCDFromCD.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\CHttpDownload.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\COMCTL32.DLL
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Create.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\DcSpln.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Drivers\Win2kXP\gdxwdm.sys
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Drivers\WinNT\gdxwdm.sys
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Drivers\WinNT2KXP\SmartCdx.sys
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\DxpApp.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\EJECT.AVI
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\ESD\Eval.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\farstone.avi
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FarTCP.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FSCFL.Sys
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FsGetVcdInfo.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\fsGExFn.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FsLodLib.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\fsmesbox.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FSRunCmd.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\FsVcdCntnt.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\GCDPlayx.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\GDExtend.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\GDIErrorEx.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\GDrive.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\gdtask.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\hhupd.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\INF\Win2k\gdxwdm.inf
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\INF\Win9x\GDXWDM.inf
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\INF\WINNTXP\gdxwdm.inf
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\INSERT.AVI
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Iosubsys\cdio32ex.vxd
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Iosubsys\gdxwdm.mpd
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Iosubsys\SmartCd.vxd
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\IsoGen.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\LiveUpdate.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\LogDLL.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Logo.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\LUForEx.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\LUFSCFL.sys
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\MGR.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\MGR.ico
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\mm10.cab
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\MM77.cab
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\msvcp60.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\NFList.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\OLEAUT32.DLL
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\asycfilt.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\comcat.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\comct232.ocx
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\comctl32.ocx
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\mfc42.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\mscomctl.ocx
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\msvcirt.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\msvcp60.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\msvcrt.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\oleaut32.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\olepro32.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Redist\MS\System\stdole2.tlb
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\REFRESH.DLL
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Refresh32.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Reg_GD.dat
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\REGSVR32.EXE
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Reseller\Eval.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\ResUnist.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Setup.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\SndFmt.sav
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\TreeList.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\VCDPROP.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\VCkNFSEx.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\VDExtend.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\VDFiles.cab
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\VGDShell.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\vssver.scc
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\WebReg.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\Win9x\rcache.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\WinNT\comctl32.dll
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\WinNT\Rcache.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\WMFASetup.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Files\WNASPI32.DLL
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\GameDrive.msi
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\gdpro.cab
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\instmsia.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\instmsiw.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\isscript.msi
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\logo.bmp
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\setup.exe
C:\Program Files\temp\GD711_ESD_03053118_ENGLISH_UNITEDSTATES\Setup.ini
C:\term.bat
C:\WINDOWS\system32\tmp.reg

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-24 18:30 . 2008-05-24 18:30 <REP> d-------- C:\Program Files\Sunbelt Software
2008-05-24 16:54 . 2008-05-24 16:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-24 16:54 . 2008-05-24 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-24 16:54 . 2008-05-24 16:54 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Malwarebytes
2008-05-24 16:54 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-24 16:54 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-24 15:11 . 2008-05-24 15:11 1,223 --a------ C:\WINDOWS\Inv.cmp
2008-05-24 13:42 . 2008-05-24 13:42 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Grisoft
2008-05-24 13:41 . 2008-05-24 13:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-24 13:41 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-05-24 12:01 . 2008-05-24 18:27 <REP> d-------- C:\Program Files\Fichiers communs\Agnitum Shared
2008-05-24 12:01 . 2008-05-24 12:01 <REP> d-------- C:\Program Files\Agnitum
2008-05-24 10:03 . 2008-05-24 10:05 <REP> d-------- C:\Program Files\Panda Security
2008-05-23 19:56 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-05-23 18:50 . 2008-05-23 19:57 0 --a------ C:\WINDOWS\system32\tmp.MSNFix
2008-05-23 18:49 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-05-23 18:49 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-05-23 18:49 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-23 18:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-23 18:49 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-05-23 18:49 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-05-23 18:36 . 2008-05-23 19:22 <REP> d-------- C:\Program Files\Navilog1
2008-05-23 18:10 . 2008-05-23 18:10 <REP> d-------- C:\Program Files\Trend Micro
2008-05-22 21:12 . 2008-05-22 21:12 0 --a------ C:\WINDOWS\pestpatrol5.INI
2008-05-22 21:04 . 2008-05-22 21:04 <REP> d-------- C:\Program Files\CA
2008-05-22 20:58 . 2008-05-22 20:58 <REP> d-------- C:\Documents and Settings\Alexis\Total Uninstall 4.8.0.562 Multilingual
2008-05-22 20:57 . 2008-05-22 21:16 17,706,611 --a------ C:\Documents and Settings\Alexis\Agnitum Outpost Firewall Pro v4.0.1025.zip
2008-05-22 19:37 . 2008-05-24 15:33 3,616 --a------ C:\WINDOWS\system32\PerfStringBackup.TMP
2008-05-22 19:33 . 2008-05-24 18:09 <REP> d-------- C:\WINDOWS\system32\CatRoot2
2008-05-22 19:31 . 2008-05-24 15:29 2,148 --a------ C:\WINDOWS\system32\wpa.dbl
2008-05-21 20:09 . 2008-05-21 20:09 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\DVDFab
2008-05-21 19:31 . 2008-05-24 11:13 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vso
2008-05-21 19:31 . 2008-05-21 19:31 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-05-21 19:31 . 2008-05-24 11:13 47,360 --a------ C:\Documents and Settings\Alexis\Application Data\pcouffin.sys
2008-05-21 19:29 . 2008-05-21 19:29 <REP> d-------- C:\Documents and Settings\Alexis\DVDFab Platinium 4.0.5.5 Full-Ghosthunter
2008-05-18 18:42 . 2008-05-18 18:42 <REP> d-------- C:\Program Files\Nero
2008-05-10 12:27 . 2008-05-10 12:27 <REP> d--hs---- C:\found.000
2008-05-08 10:40 . 2008-05-08 10:40 <REP> d-------- C:\Program Files\TagRename
2008-05-08 10:11 . 2008-05-08 10:11 495,104 --a------ C:\WINDOWS\system32\mp3tsshx.dll
2008-05-08 10:08 . 2008-05-08 10:08 <REP> d-------- C:\Program Files\Media Tagger
2008-05-07 17:56 . 2005-02-22 12:36 765,952 --a------ C:\WINDOWS\system32\CDDBUI.dll
2008-05-07 17:56 . 2005-02-22 12:37 589,824 --a------ C:\WINDOWS\system32\CDDBControl.dll
2008-05-07 17:56 . 2006-09-05 08:49 503,808 --a------ C:\WINDOWS\system32\MLAG2.ocx
2008-05-07 17:56 . 2000-12-05 20:00 415,176 --a------ C:\WINDOWS\system32\COMCT332.OCX
2008-05-07 17:56 . 2001-07-09 02:18 141,408 --a------ C:\WINDOWS\system32\dXPSystm.dll
2008-05-07 17:56 . 2004-03-09 01:00 132,880 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-07 17:56 . 1998-06-17 20:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-05-07 16:50 . 2008-05-07 16:50 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\AQUATRA
2008-05-04 11:32 . 2008-05-04 11:32 <REP> d-------- C:\WINDOWS\IP Changer
2008-05-04 09:19 . 2008-05-04 09:19 <REP> d-------- C:\WINDOWS\Caps
2008-05-03 10:38 . 2008-05-03 10:38 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-02 18:56 . 2007-07-19 22:42 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-05-01 20:36 . 2008-05-01 20:36 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-05-01 20:32 . 2008-05-01 20:32 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Sunbelt Software
2008-04-27 14:40 . 2008-04-27 14:40 <REP> d-------- C:\WINDOWS\system32\Akamai Technologies
2008-04-27 12:08 . 2008-05-04 11:34 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\tor
2008-04-27 12:07 . 2008-04-27 12:07 <REP> d-------- C:\Program Files\Vidalia Bundle
2008-04-27 12:07 . 2008-05-04 11:35 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Vidalia

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-24 14:43 --------- d-----w C:\Program Files\QuickTime
2008-05-24 13:36 --------- d-----w C:\Program Files\FreeCommander
2008-05-24 09:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-24 08:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-23 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-05-23 17:30 --------- d-----w C:\Program Files\Google
2008-05-23 17:00 --------- d-----w C:\Program Files\Conduit
2008-05-22 19:28 6,584 ----a-w C:\Documents and Settings\Incomplete\downloads.dat
2008-05-22 18:55 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-22 16:40 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Orbit
2008-05-21 19:05 --------- d-----w C:\Program Files\Notepad++
2008-05-21 19:05 --------- d-----w C:\Documents and Settings\Alexis\Application Data\Notepad++
2008-05-21 18:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\UniversalisV13
2008-05-10 11:50 --------- d-----w C:\Program Files\Opera
2008-05-10 11:36 --------- d-----w C:\Program Files\Audible
2008-05-10 08:45 --------- d-----w C:\Documents and Settings\Perrine\Application Data\Orbit
2008-05-09 06:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-02 10:04 --------- d-----w C:\Program Files\LimeWire
2008-04-29 11:10 --------- d-----w C:\Program Files\Creative
2008-04-28 17:53 --------- d-----w C:\Program Files\ScanSoft
2008-04-28 17:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-04-25 16:04 --------- d-----w C:\Program Files\Apple Software Update
2008-04-20 11:56 --------- d-----w C:\Program Files\iTunes
2008-04-20 11:56 --------- d-----w C:\Program Files\iPod
2008-04-11 19:08 --------- d-----w C:\Program Files\Picasa2
2008-04-08 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-04-08 17:32 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TechSmith
2008-04-08 16:15 --------- d-----w C:\Program Files\TechSmith
2008-04-08 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-04-08 16:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-31 15:55 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-03-29 14:59 --------- d-----w C:\Program Files\Activision
2008-03-29 14:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\FarStone
2008-03-29 14:44 5,501 ----a-w C:\WINDOWS\system32\dptlcg32.dll
2008-03-29 14:44 --------- d-----w C:\Program Files\FarStone
2008-03-28 18:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-28 06:47 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-03-28 06:47 --------- d-----w C:\Documents and Settings\Alexis\Application Data\DAEMON Tools
2008-03-26 15:52 --------- d-----w C:\Program Files\EasyPHP 2.0b1
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-24 10:42 307,968 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-24 10:42 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-03-24 10:42 --------- d-----w C:\Documents and Settings\Alexis\Application Data\TuneUp Software
2008-03-23 20:39 74,703 ----a-w C:\WINDOWS\system32\mfc45.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-16 11:33 57,344 ----a-w C:\Documents and Settings\Alexis\lametritonus.dll
2008-03-16 11:33 162,304 ----a-w C:\Documents and Settings\Alexis\lame_enc.dll
2008-03-09 11:27 772 ----a-w C:\Documents and Settings\Alexis\Application Data\wklnhst.dat
2008-03-07 17:46 461 ----a-w C:\Documents and Settings\Alexis\Jscript.reg
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-27 12:15 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2007-12-24 18:57 4,532,651 ----a-w C:\Program Files\EasyWMVDemo.dmg
2007-12-24 17:56 54,330,664 ----a-w C:\Program Files\iTunesSetup.exe
2007-05-14 18:11 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-05-05 19:01 16,590,480 ----a-w C:\Program Files\jre-1_5_0_10-windows-i586-p-s.exe
2007-05-05 18:31 6,943,028 ----a-w C:\Program Files\installpro.exe
2007-04-19 10:50 53,062 ----a-w C:\Program Files\__def.rip2
2007-04-19 10:46 493 ----a-w C:\Program Files\versions.xml
2007-04-19 10:44 19,473,146 ----a-w C:\Program Files\RI4M_v501d_setup.exe
2007-03-07 17:19 295 ----a-w C:\Program Files\iepatch.reg
2007-03-02 12:06 8,344,627 ----a-w C:\Program Files\sfs6int.exe
2007-02-23 09:23 535,512 ----a-w C:\Program Files\pllangs.exe
2006-10-26 17:33 0 ----a-w C:\Documents and Settings\Perrine\Application Data\wklnhst.dat
2006-10-21 19:20 0 ----a-w C:\Documents and Settings\Xavier WINDAL\Application Data\wklnhst.dat
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\CONFIG.SYS
2006-03-20 13:47 0 ----a-w C:\Documents and Settings\Alexis\AUTOEXEC.BAT
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2008-02-16 13:49 11,270 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-23_19.55.56.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-23 17:40:15 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-24 13:26:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-07-18 11:49:56 12,592 ----a-w C:\WINDOWS\Downloaded Program Files\libcomm.dll
+ 2008-05-24 16:30:41 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe
+ 2008-05-24 16:30:41 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe
+ 2008-05-24 16:30:41 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
+ 2007-04-26 08:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys
+ 2007-04-26 08:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys
+ 2008-05-24 13:42:03 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_520.dat
+ 2008-05-24 13:27:56 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_8f0.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2005-12-13 23:43 217088]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-03-14 20:10 116328]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:34 64512]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"WD Button Manager"="WDBtnMgr.exe" [2008-01-31 19:26 364544 C:\WINDOWS\system32\WDBtnMgr.exe]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 18:34 213936]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-17 13:47 118784]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"OutpostFeedBack"="C:\PROGRA~1\Agnitum\OUTPOS~1.0\feedback.exe" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2005-05-20 18:42 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\google\google~1\goec62~1.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.DIV3"= DivXc32.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^Memeo AutoSync Launcher.lnk]
backup=C:\WINDOWS\pss\Memeo AutoSync Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Alexis^Menu Démarrer^Programmes^Démarrage^WD Anywhere Backup Launcher.lnk]
backup=C:\WINDOWS\pss\WD Anywhere Backup Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Orbit.lnk]
backup=C:\WINDOWS\pss\Orbit.lnkCommon Startup
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Orbit.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\54a58e5f]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcctMgr]
C:\Program Files\Norton Password Manager\AcctMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2008-01-30 20:36 2476408 C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-23 21:33 57344 C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2006-10-23 01:48 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-06-08 10:18 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-10 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
--a------ 2007-12-23 01:03 916240 C:\Program Files\Eraser\eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-26 00:13 29744 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-02-12 14:38 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2004-03-23 10:05 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
--a------ 2004-02-20 15:12 32768 C:\Program Files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-02-08 01:12 488984 C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-02-08 01:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
--a------ 2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-08-10 14:00 33792 C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe]
-ra------ 2004-07-06 15:15 40960 C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-02-26 03:23 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFS6]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
--a------ 2003-09-29 17:00 155648 C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 File Redirection Starter]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 HotKeys]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSS2007 PasswordManagerFFAutoFill]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-06 19:38 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 2008-03-03 10:41 197888 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
--a------ 2005-12-27 14:58 69632 C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMConsole.exe]
--a------ 2005-12-21 13:26 339968 C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--------- 2006-11-03 10:59 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\Program Files\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-07-19 22:42]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 15:07]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:55]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2007-01-24 14:46]
R4 VFILT;Outpost Firewall Kernel Driver;C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS []
S0 gdxwdm;GDXWDM;C:\WINDOWS\system32\DRIVERS\GDXWDM.sys []
S3 AdWatchDrv;AW Realtime Driver;C:\WINDOWS\system32\drivers\AWRTPD.sys [2007-07-11 14:37]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 16:18]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-01-24 19:53]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-26 00:13]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 20:10]
S3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2005-12-27 08:22]
S3 tap0801;TAP-Win32 Adapter V8;C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-03-27 17:03]
S4 AutoSyncService;Memeo AutoSync service;"C:\Program Files\Memeo\AutoSync\MemeoService.exe" [2007-07-06 18:28]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - ARP.DLL
*Newly Created Service* - COMHOST
*Newly Created Service* - IPFILTERDRIVER
*Newly Created Service* - SECRET.DLL
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-20 15:01:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-24 16:00:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-05-24 15:00:05 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-22 15:18:36 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-23 18:32:32 C:\WINDOWS\Tasks\User_Feed_Synchronization-{84670574-7F27-4867-93B0-670B7ECFB683}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 18:53:31
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-24 18:59:31
ComboFix-quarantined-files.txt 2008-05-24 16:59:15
ComboFix2.txt 2008-05-24 07:50:11
ComboFix3.txt 2008-05-23 19:22:00
ComboFix4.txt 2008-05-23 17:56:13

Pre-Run: 8,130,658,304 octets libres
Post-Run: 8,070,238,208 octets libres

525 --- E O F --- 2008-05-16 04:48:39


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:49, on 24/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\Agnitum\OUTPOS~1.0\feedback.exe /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu1.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--995133581.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
End of file - 15291 bytes



Malwarebytes' Anti-Malware 1.12
Version de la base de données: 783

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 158089
Temps écoulé: 1 hour(s), 19 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gktxaspm.bdwg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gktxaspm.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Ok

je voie que tu as kerio

ne voudrais tu pas desinstaller norton pour le remplacer par antivir, pour effectuer un scan ?

@+
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil

Euh non norton je l'ai payé et il me rest 480 jours
ta pa une autre solution?
Norton est si pouri que ca?

Oui j´ai une autre solution ;-)

mais norton il craind.

regarde ceci pour preuve :

http://www.matbe.com/articles/lire/81/comparatif-de-8-anti-v­irus/page34.php

bon les antivirus sont testé sans par feu et sans antispyware mais quand meme !

Fais un scan en ligne Kaspersky avec Internet Explorer :
http://webscanner.kaspersky.fr/
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.

@+
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un joli profil