PROBLEM WITH SYSTEME32
Hello everyone,
When I turn on my PC, the following message is displayed:
c:windows/systeme32/bmclbmhw.dll
Since then I can no longer open Internet Explorer or many other applications, because I often get error messages that force the running applications to close. Types of messages already seen:
rundll32.exe
iexplorer.exe
hopwuschd2.exe
cordbg.exe
I have tried several repair programs without success; any help would be welcome.
Thanks
Franck
Hello,
Download HijackThis.
Unzip it into a folder on your desktop.
Double-click it.
Then "Do a system scan and save a logfile" and post the report.
HijackThis tutorial
I finally managed it:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:09, on 07/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\AlertModule\AlertModule.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\PROGRA~1\Grisoft\AVG7\avgvv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SearchPageURL.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\bmclbmhw.dll",sitypnow
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Franck.TITANIUM\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\AMBULANCIER POUR LA VIE Web hottest videos personal player.exe
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?5e4d935dfc6f45449fac17090094ded9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?5e4d935dfc6f45449fac17090094ded9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
--
End of file - 12348 bytes
Vundo infection:
Do these steps in order:
1/ Download VundoFix.exe:
Double-click VundoFix.exe.
Click Scan for Vundo.
When the scan is complete, click the Remove Vundo button.
Then click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are removed.
You will get a message saying the computer is going to shut down; click OK.
Post the report found in C:\vundofix.txt
2/ Download Combofix (by sUBs) to your Desktop. (Tutorial)
Double-click combofix.exe.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.
The report is located here: C:\Combofix.txt
3/ Post a new HijackThis report (after renaming HiJackthis.exe to scanner.exe)
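Added example, not part of the original thread and not taken from HijackThis or the helper's own method: a small parser that links the DLL named in the startup error message to the autostart entry that loads it in the posted HijackThis log, and marks rundll32 autostarts for review. The function names, the review heuristics and their thresholds are assumptions chosen for illustration; the sample lines are copied from the log above.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Excerpt: O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\bmclbmhw.dll",sitypnow
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Franck.TITANIUM\Application Data\WinTouch\WinTouch.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
"""


class RunEntry(NamedTuple):
    hive: str               # HKLM, HKCU, or HKUS\<SID>
    key: str                # Run, RunOnce, ...
    value_name: str         # registry value name shown in [brackets]
    command: str            # command line stored in the value
    dll: Optional[str]      # DLL handed to rundll32, if the entry uses it
    export: Optional[str]   # exported function rundll32 is told to call


# "O4 - <hive>\..\<key>: [<value name>] <command>"
O4_RUN = re.compile(
    r"^O4 - (?P<hive>HK\w+(?:\\[^\\]+)?)\\\.\.\\(?P<key>[\w\\]+): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)

# rundll32[.exe] "<dll path>",<export>  (quotes and directory are optional)
RUNDLL = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE,
)


def parse_run_entries(log_text: str) -> List[RunEntry]:
    """Return the registry Run-key autostarts (O4 lines) found in a log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue  # startup-folder shortcuts and other sections are skipped
        cmd = m.group("cmd")
        r = RUNDLL.match(cmd)
        entries.append(RunEntry(
            hive=m.group("hive"),
            key=m.group("key"),
            value_name=m.group("name"),
            command=cmd,
            dll=r.group("dll").strip() if r else None,
            export=r.group("export") if r else None,
        ))
    return entries


def entries_referencing(entries: List[RunEntry], filename: str) -> List[RunEntry]:
    """Autostarts whose command line mentions the given file name."""
    needle = filename.lower()
    return [e for e in entries if needle in e.command.lower()]


def review_flags(entry: RunEntry) -> List[str]:
    """Reasons to look closer at an entry. Heuristics only, not a verdict:
    legitimate drivers and control panels also autostart through rundll32."""
    flags: List[str] = []
    if entry.dll is None:
        return flags
    flags.append("autostart via rundll32")
    if ntpath.basename(ntpath.dirname(entry.dll)).lower() == "system32":
        flags.append("DLL sits directly in system32")
    stem = ntpath.splitext(ntpath.basename(entry.dll))[0].lower()
    letters = [c for c in stem if c.isalpha()]
    # Assumed thresholds: at least 6 letters, fewer than 20% vowels.
    if len(letters) >= 6 and sum(c in "aeiouy" for c in letters) / len(letters) < 0.2:
        flags.append("consonant-heavy file name")
    return flags


def triage(entries: List[RunEntry]) -> List[Tuple[RunEntry, List[str]]]:
    """Entries that raised at least one review flag."""
    return [(e, f) for e in entries for f in [review_flags(e)] if f]


if __name__ == "__main__":
    parsed = parse_run_entries(SAMPLE_LOG)
    for e in entries_referencing(parsed, "bmclbmhw.dll"):
        print(f"{e.hive}\\..\\{e.key} [{e.value_name}] -> {e.dll} ({e.export})")
    for e, flags in triage(parsed):
        print(e.value_name, flags)
```

The value name in the registry, here `SearchIndexer`, says nothing about what is loaded; the DLL path and export on the command line are what a responder checks.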
ComboFix 07-10-07.2 - Franck 2007-10-08 22:10:40.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.298 [GMT 2:00]
Running from: C:\Documents and Settings\Franck.TITANIUM\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\check_LSA7.txt
C:\Documents and Settings\Franck.TITANIUM\Application Data\WinTouch
C:\Documents and Settings\Franck.TITANIUM\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Franck.TITANIUM\Application Data\WinTouch\WinTouch.exe
C:\install\install.exe
C:\Program Files\Fichiers communs\Yazzle1122OinUninstaller.exe
C:\Program Files\Insider
C:\Program Files\WinAble
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\ayadd.bak1
C:\WINDOWS\system32\ayadd.bak1
C:\WINDOWS\system32\ayadd.ini
C:\WINDOWS\system32\ayadd.ini
C:\WINDOWS\system32\cdeeg.bak1
C:\WINDOWS\system32\cdeeg.bak2
C:\WINDOWS\system32\cdeeg.ini
C:\WINDOWS\system32\ddaya.dll
C:\WINDOWS\system32\install.exe
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\jjllm.ini
C:\WINDOWS\system32\jjllm.ini
C:\WINDOWS\system32\mlljj.dll
C:\WINDOWS\system32\vgvswrox.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-08 to 2007-10-08 ))))))))))))))))))))))))))))))))))))
.
2007-10-08 22:09 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-08 18:46 <REP> d-------- C:\Program Files\Navilog1
2007-10-08 00:00 <REP> d-------- C:\VundoFix Backups
2007-10-07 23:38 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2007-10-07 23:38 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2007-10-07 23:38 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2007-10-07 23:38 <REP> d-------- C:\Program Files\Defenza
2007-10-07 22:09 1,156 --a------ C:\WINDOWS\mozver.dat
2007-10-07 19:08 <REP> d-------- C:\Program Files\Trend Micro
2007-10-07 17:32 <REP> d-------- C:\Program Files\CCleaner
2007-10-07 16:17 <REP> d-------- C:\WINDOWS\pss
2007-10-07 15:24 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-10-07 15:04 6,058,496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-07 15:04 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-07 15:04 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-07 15:04 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-07 15:04 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-07 15:04 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-10-07 15:04 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-07 14:46 <REP> d-------- C:\Program Files\RegCure
2007-10-06 02:50 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\Talkback
2007-10-06 01:15 9,216 --a------ C:\WINDOWS\system32\avgwlntf.dll
2007-10-06 01:14 110,592 --a------ C:\WINDOWS\system32\avgfwafu.dll
2007-10-06 00:06 82,248 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-10-06 00:06 57,672 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-10-06 00:06 40,264 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-10-06 00:06 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-10-06 00:05 <REP> d-------- C:\Program Files\Spyware Doctor
2007-10-06 00:05 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\PC Tools
2007-10-06 00:02 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-10-06 00:02 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-10-06 00:00 <REP> d-------- C:\Program Files\Picasa2
2007-10-05 22:35 249 --a------ C:\Documents and Settings\Franck.TITANIUM\6755.bat
2007-10-05 19:24 <REP> d-------- C:\WINDOWS\system32\AlertModule
2007-10-05 19:23 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2007-10-05 19:22 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2007-10-05 14:37 <REP> d-------- C:\Program Files\Securitoo
2007-10-03 21:39 249 --a------ C:\Documents and Settings\Franck.TITANIUM\8203.bat
2007-10-03 21:38 36,352 --a------ C:\WINDOWS\system32\iifgdcc.dll
2007-10-03 21:37 32,768 --a------ C:\Documents and Settings\Franck.TITANIUM\winlogo.exe
2007-09-30 23:43 <REP> d-------- C:\WINDOWS\?icrosoft
2007-09-30 23:43 <REP> d-------- C:\Program Files\??crosoft
2007-09-30 23:40 <REP> d-------- C:\Program Files\?icrosoft
2007-09-30 23:40 <REP> d-------- C:\Program Files\?asks
2007-09-30 23:39 <REP> d-------- C:\WINDOWS\system32\A?pPatch
2007-09-30 23:39 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ppPatch
2007-09-30 23:39 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??sks
2007-09-30 23:38 <REP> dr--s---- C:\WINDOWS\a?sembly
2007-09-30 23:38 <REP> d---s---- C:\WINDOWS\system32\?icrosoft
2007-09-30 23:38 <REP> d-------- C:\WINDOWS\system32\?icrosoft.NET
2007-09-30 23:36 <REP> d---s---- C:\WINDOWS\system32\M?crosoft
2007-09-30 23:36 <REP> d---s---- C:\WINDOWS\??sks
2007-09-30 23:36 <REP> d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2007-09-30 23:36 <REP> d-------- C:\WINDOWS\system32\?asks
2007-09-30 23:36 <REP> d-------- C:\Program Files\A?pPatch
2007-09-30 23:36 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??pPatch
2007-09-30 23:35 <REP> d---s---- C:\WINDOWS\?asks
2007-09-30 23:35 <REP> d-------- C:\WINDOWS\system32\??stem32
2007-09-30 23:35 <REP> d-------- C:\Program Files\??sks
2007-09-30 23:34 <REP> d-------- C:\WINDOWS\system32\?ecurity
2007-09-30 23:34 <REP> d-------- C:\WINDOWS\?icrosoft.NET
2007-09-30 23:34 <REP> d-------- C:\Program Files\??pPatch
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\s?stem32
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\s?curity
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\M?crosoft.NET
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\F?nts
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?racle
2007-09-30 23:34 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??stem32
2007-09-30 23:33 <REP> dr--s---- C:\WINDOWS\?ssembly
2007-09-30 23:33 <REP> d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\M?crosoft
2007-09-30 23:33 <REP> d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft
2007-09-30 23:33 <REP> d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2007-09-30 23:33 <REP> d-------- C:\WINDOWS\system32\T?sks
2007-09-30 23:33 <REP> d-------- C:\WINDOWS\system32\??stem
2007-09-30 23:33 <REP> d-------- C:\WINDOWS\s?stem32
2007-09-30 23:33 <REP> d-------- C:\WINDOWS\M?crosoft
2007-09-30 23:33 <REP> d-------- C:\Program Files\?ymantec
2007-09-30 23:33 <REP> d-------- C:\Program Files\??crosoft.NET
2007-09-30 23:33 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\S?mantec
2007-09-30 23:33 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?asks
2007-09-30 23:33 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??stem
2007-09-30 23:32 <REP> d-------- C:\Program Files\?ystem
2007-09-30 23:32 <REP> d-------- C:\Program Files\?icrosoft.NET
2007-09-30 23:32 <REP> d-------- C:\Program Files\??crosoft.NET
2007-09-30 23:32 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\s?stem
2007-09-30 23:32 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\A?pPatch
2007-09-30 23:32 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ssembly
2007-09-30 23:32 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft.NET
2007-09-30 23:32 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??pPatch
2007-09-30 23:31 <REP> d-------- C:\Program Files\?ymbols
2007-09-30 23:31 <REP> d-------- C:\Program Files\?ssembly
2007-09-30 23:31 <REP> d-------- C:\Program Files\?racle
2007-09-30 23:31 <REP> d-------- C:\Program Files\?icrosoft
2007-09-30 23:31 <REP> d-------- C:\Program Files\?asks
2007-09-30 23:31 <REP> d-------- C:\Program Files\??sks
2007-09-30 23:31 <REP> d-------- C:\Program Files\??pPatch
2007-09-30 23:31 <REP> d-------- C:\Program Files\??crosoft
2007-09-30 23:31 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\a?sembly
2007-09-30 23:31 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ppPatch
2007-09-30 23:31 <REP> d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft.NET
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-08 22:37 --------- d-------- C:\Program Files\Wanadoo
2007-10-08 14:39 --------- d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-10-07 23:38 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-10-06 14:24 --------- d-------- C:\Program Files\AntivirusFirewall
2007-10-05 21:47 25214 --a------ C:\Program Files\B.ico
2007-10-05 21:47 25214 --a------ C:\Program Files\A.ico
2007-10-05 21:45 --------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2007-10-05 20:22 --------- d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-04 17:13 7168 --ahs---- C:\Program Files\Thumbs.db
2007-10-02 22:55 --------- d-------- C:\Program Files\Google
2007-10-01 22:28 --------- d-------- C:\Program Files\eMule
2007-09-30 23:43 --------- d-------- C:\Program Files\Common Files
2007-09-30 23:36 --------- d-------- C:\Program Files\??pPatch
2007-09-30 23:36 --------- d-------- C:\Program Files\??pPatch
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?racle
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?racle
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??stem32
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??curity
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft.NET
2007-09-30 23:34 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft.NET
2007-09-30 23:33 --------- d-------- C:\Program Files\?ymantec
2007-09-30 23:32 --------- d-------- C:\Program Files\?ystem
2007-09-30 23:32 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ssembly
2007-09-30 23:32 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??stem
2007-09-30 23:32 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??pPatch
2007-09-30 23:32 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??pPatch
2007-09-30 23:31 --------- d-------- C:\Program Files\?ymbols
2007-09-30 23:31 --------- d-------- C:\Program Files\?ssembly
2007-09-30 23:31 --------- d-------- C:\Program Files\?racle
2007-09-30 23:31 --------- d-------- C:\Program Files\?racle
2007-09-30 23:31 --------- d-------- C:\Program Files\?icrosoft
2007-09-30 23:31 --------- d-------- C:\Program Files\?icrosoft
2007-09-30 23:31 --------- d-------- C:\Program Files\?asks
2007-09-30 23:31 --------- d-------- C:\Program Files\?asks
2007-09-30 23:31 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ppPatch
2007-09-30 23:31 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ppPatch
2007-09-30 23:31 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft.NET
2007-09-30 23:31 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft.NET
2007-09-30 23:31 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??sembly
2007-09-30 23:30 --------- d-------- C:\Program Files\??stem32
2007-09-30 23:30 --------- d-------- C:\Program Files\??sks
2007-09-30 23:30 --------- d-------- C:\Program Files\??sks
2007-09-30 23:30 --------- d-------- C:\Program Files\??mbols
2007-09-30 23:30 --------- d-------- C:\Program Files\??curity
2007-09-30 23:30 --------- d-------- C:\Program Files\??crosoft
2007-09-30 23:30 --------- d-------- C:\Program Files\??crosoft
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ystem
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ymbols
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?asks
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?asks
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??sks
2007-09-30 23:30 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??sks
2007-09-30 23:29 --------- d-------- C:\Program Files\?ystem32
2007-09-30 23:29 --------- d-------- C:\Program Files\?ppPatch
2007-09-30 23:29 --------- d-------- C:\Program Files\?ppPatch
2007-09-30 23:29 --------- d-------- C:\Program Files\?ecurity
2007-09-30 23:29 --------- d-------- C:\Program Files\??stem
2007-09-30 23:29 --------- d-------- C:\Program Files\??sembly
2007-09-30 23:29 --------- d-------- C:\Program Files\??mantec
2007-09-30 23:29 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ystem32
2007-09-30 23:29 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ecurity
2007-09-30 23:29 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??mbols
2007-08-13 18:54 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2007-08-13 18:54 156160 --a------ C:\WINDOWS\system32\msls31.dll
2007-08-13 18:45 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-08-13 18:44 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-08-13 18:39 71680 --a------ C:\WINDOWS\system32\admparse.dll
2007-08-13 18:39 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2007-08-13 18:36 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2007-08-13 18:32 45568 --a------ C:\WINDOWS\system32\mshta.exe
2007-08-13 18:01 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-08-11 15:58 --------- d-------- C:\Documents and Settings\All Users\Application Data\Skyline
2007-08-11 15:52 --------- d-------- C:\Program Files\Skyline
2007-08-05 21:24 --------- d-------- C:\Program Files\?dobe
2007-08-05 21:24 --------- d-------- C:\Program Files\?dobe
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-16 01:59 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?dobe
2007-07-16 01:59 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?dobe
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2005-07-10 12:56 --------- d-------- C:\Program Files\?icrosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\?icrosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\??crosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\??crosoft.NET
2005-07-10 01:03 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ymantec
2005-07-10 01:03 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??mantec
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26ECE649-A067-4860-986B-897892988D8F}]
C:\WINDOWS\system32\geedc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF370B13-0249-4452-AB47-30FD78092402}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 12:20 C:\WINDOWS\SOUNDMAN.EXE]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2004-09-23 14:19]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 21:10]
"Ulead AutoDetector"="C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-11-19 13:03]
"Controleur de calendrier pour Ulead Photo Express"="C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [2004-01-12 20:40]
"Aide Memoire Votre Budget"="" []
"ConvEuro MA"="" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-16 12:07]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 13:23]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-08-14 17:02]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-06 01:14]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:54]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 19:14]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 16:20]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-21 13:17]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{178D4E6A-BA5A-4ECB-8521-F7B8393FDB97}"= C:\WINDOWS\system32\iifgdcc.dll [2007-10-03 21:38 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2007-10-06 01:15 9216 C:\WINDOWS\system32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgdcc]
iifgdcc.dll 2007-10-03 21:38 36352 C:\WINDOWS\system32\iifgdcc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkkifd]
jkkkifd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"="C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\\WINDOWS\\system32\\pmkhf
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R1 DcCam;Kodak Camera Proxy;C:\WINDOWS\system32\DRIVERS\DcCam.sys
R2 DCFS2K;Kodak DCFS2K Driver;C:\WINDOWS\system32\drivers\dcfs2k.sys
R2 Dev_UNIDRV;Dev_UNIDRV;\??\C:\WINDOWS\system32\Drivers\UNIDRV.SYS
R3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys
R3 PCAlertDriver;PCAlertDriver;\??\C:\Program Files\MSI\Core Center\NTGLM7X.sys
R3 RushTopDevice;RushTopDevice;\??\C:\Program Files\MSI\Core Center\RushTop.sys
S1 Exportit;Exportit;C:\WINDOWS\system32\DRIVERS\exportit.sys
S3 DcFpoint;DcFpoint;C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
S3 DcLps;Legacy Polling Service;C:\WINDOWS\system32\DRIVERS\DcLps.sys
S3 DcPTP;dcptp;C:\WINDOWS\system32\DRIVERS\DcPTP.sys
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7ccde93-6551-11dc-a91f-0008d3085179}]
AutoRun\command- .\Recycled\Driveinfo.exe
Open\Command- .\Recycled\Driveinfo.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-08 20:18:27 C:\WINDOWS\Tasks\RegCure Program Check.job"
"2007-10-07 12:46:17 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2007-10-08 19:18:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-08 22:19:33
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-08 22:41:34 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-08 22:41
.
--- E O F ---
No more problems for the moment, except with Internet Explorer.
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\?icrosoft
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2007-07-15 15:46 --------- d---s---- C:\Documents and Settings\Franck.TITANIUM\Application Data\??crosoft
2005-07-10 12:56 --------- d-------- C:\Program Files\?icrosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\?icrosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\??crosoft.NET
2005-07-10 12:56 --------- d-------- C:\Program Files\??crosoft.NET
2005-07-10 01:03 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\?ymantec
2005-07-10 01:03 --------- d-------- C:\Documents and Settings\Franck.TITANIUM\Application Data\??mantec
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26ECE649-A067-4860-986B-897892988D8F}]
C:\WINDOWS\system32\geedc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF370B13-0249-4452-AB47-30FD78092402}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 12:20 C:\WINDOWS\SOUNDMAN.EXE]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2004-09-23 14:19]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 21:10]
"Ulead AutoDetector"="C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-11-19 13:03]
"Controleur de calendrier pour Ulead Photo Express"="C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [2004-01-12 20:40]
"Aide Memoire Votre Budget"="" []
"ConvEuro MA"="" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-16 12:07]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 13:23]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-08-14 17:02]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-06 01:14]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:54]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 19:14]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 16:20]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-21 13:17]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{178D4E6A-BA5A-4ECB-8521-F7B8393FDB97}"= C:\WINDOWS\system32\iifgdcc.dll [2007-10-03 21:38 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2007-10-06 01:15 9216 C:\WINDOWS\system32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgdcc]
iifgdcc.dll 2007-10-03 21:38 36352 C:\WINDOWS\system32\iifgdcc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkkifd]
jkkkifd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"="C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\\WINDOWS\\system32\\pmkhf
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R1 DcCam;Kodak Camera Proxy;C:\WINDOWS\system32\DRIVERS\DcCam.sys
R2 DCFS2K;Kodak DCFS2K Driver;C:\WINDOWS\system32\drivers\dcfs2k.sys
R2 Dev_UNIDRV;Dev_UNIDRV;\??\C:\WINDOWS\system32\Drivers\UNIDRV.SYS
R3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys
R3 PCAlertDriver;PCAlertDriver;\??\C:\Program Files\MSI\Core Center\NTGLM7X.sys
R3 RushTopDevice;RushTopDevice;\??\C:\Program Files\MSI\Core Center\RushTop.sys
S1 Exportit;Exportit;C:\WINDOWS\system32\DRIVERS\exportit.sys
S3 DcFpoint;DcFpoint;C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
S3 DcLps;Legacy Polling Service;C:\WINDOWS\system32\DRIVERS\DcLps.sys
S3 DcPTP;dcptp;C:\WINDOWS\system32\DRIVERS\DcPTP.sys
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7ccde93-6551-11dc-a91f-0008d3085179}]
AutoRun\command- .\Recycled\Driveinfo.exe
Open\Command- .\Recycled\Driveinfo.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-08 20:18:27 C:\WINDOWS\Tasks\RegCure Program Check.job"
"2007-10-07 12:46:17 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2007-10-08 19:18:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-08 22:19:33
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-08 22:41:34 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-08 22:41
.
--- E O F ---
For the moment no more problems, except with Internet Explorer.