rundll erreur chargement.... le module spécifié est introuvable! - Sécurité - Virus
Ceci répond-il à votre question ? Oui | Non
Se connecter | Inscription
 

Ajouter une réponse



 Mot :   Pseudo :  
 
Bas de page
Auteur
 Sujet : rundll erreur chargement.... le module spécifié est introuvable!
 
pierrounne
Profil : IDNaute
Plus d'informations
n°308798
12-05-2008 à 11:47:15

bonjour!

voila mon probleme depuis peu lorsque je demarre mon pc un message d'erreur apparait :
erreur de chergement de :C\WINDOWS\systeme32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll

en cherchant sur internet j'ai vu que cela etait un virus mais mon antivirus na rien detecter que me conseiller vous pour resoudre se probleme

Liens

Angeldark
Profil : Helper
Plus d'informations
n°308841
12-05-2008 à 14:12:33

Bonjour,

Télécharge puis installe HijackThis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser HijackThis v2.0.2


---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF
pierrounne
Profil : IDNaute
Plus d'informations
n°308894
12-05-2008 à 16:10:29

Logfile of HijackThis v1.99.1
Scan saved at 11:39:22, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\WINDOWS\system32\Pmxmiced.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\Rar$EX00.469\VisualToolTip.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\PopKiller\PopKiller.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Photodex\ProShow\ScsiAccess.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smal [...] bd=1080109
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/ [...] l=fr&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/ [...] l=fr&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.google.com/smal [...] bd=1080109
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: rightonadz browser optimizer - {78f3afe5-af5a-0f8e-31ca-abf595a84364} - C:\WINDOWS\system32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll (file missing)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: adssite - {f3a5caf9-d523-5008-59de-80368d91302a} - C:\WINDOWS\system32\nsd60.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [mcinfo_1203429411] C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\mcinfo_1203429411.exe /insfin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll" DllInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VisualTooltip] C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\Rar$EX00.469\VisualToolTip.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [PopKiller] "C:\Program Files\PopKiller\PopKiller.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download Link Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Download List Of Files Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_list.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe To RSS/Podcast Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.co [...] 8199136031
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe

Angeldark
Profil : Helper
Plus d'informations
n°308902
12-05-2008 à 17:07:21

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM


---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF
pierrounne
Profil : IDNaute
Plus d'informations
n°308931
12-05-2008 à 19:47:23

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 742

Type de recherche: Examen complet (C:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 146545
Temps écoulé: 1 hour(s), 45 minute(s), 55 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rightonadz (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Adware.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\3wPlayer (Trojan.Downloader) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\adssite-remove.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll-uninst.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rundll32.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.

pierrounne
Profil : IDNaute
Plus d'informations
n°308932
12-05-2008 à 19:47:53

merci le message d'erreur ne s'affiche plus !!!

Angeldark
Profil : Helper
Plus d'informations
n°308935
12-05-2008 à 20:05:34

Reposte un rapport Hijackthis :)


---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF
pierrounne
Profil : IDNaute
Plus d'informations
n°309048
13-05-2008 à 18:49:03

Logfile of HijackThis v1.99.1
Scan saved at 18:48:26, on 13/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\Pmxmiced.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\Rar$EX00.469\VisualToolTip.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\PopKiller\PopKiller.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Photodex\ProShow\ScsiAccess.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smal [...] bd=1080109
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/ [...] l=fr&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/ [...] l=fr&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.google.com/smal [...] bd=1080109
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: rightonadz browser optimizer - {78f3afe5-af5a-0f8e-31ca-abf595a84364} - C:\WINDOWS\system32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll (file missing)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: adssite - {f3a5caf9-d523-5008-59de-80368d91302a} - C:\WINDOWS\system32\nsd60.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [mcinfo_1203429411] C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\mcinfo_1203429411.exe /insfin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VisualTooltip] C:\DOCUME~1\PIERRE~1\LOCALS~1\Temp\Rar$EX00.469\VisualToolTip.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [PopKiller] "C:\Program Files\PopKiller\PopKiller.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download Link Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Download List Of Files Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_list.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe To RSS/Podcast Using DownloadStudio... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.co [...] 8199136031
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe

Angeldark
Profil : Helper
Plus d'informations
n°309050
13-05-2008 à 18:51:21

Pas terminé :)

Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

  • Télécharge ComboFix (sUBs) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.


AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer


---------------
Prévention & Protection|Les logiciels gratuits|L'homme du FLCCF
pierrounne
Profil : IDNaute
Plus d'informations
n°309199
14-05-2008 à 12:58:30

ComboFix 08-05-12.1 - pierre brocart 2008-05-14 12:49:34.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1459 [GMT 2:00]
Endroit: C:\Documents and Settings\pierre brocart\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\pierre brocart\Local Settings\Application Data\vajzfrmce.dat
C:\Documents and Settings\pierre brocart\Local Settings\Application Data\vajzfrmce_nav.dat
C:\Documents and Settings\pierre brocart\Local Settings\Application Data\vajzfrmce_navps.dat
C:\Program Files\Adssite Games Collection
C:\Program Files\Adssite Games Collection\BattlesOfHelicopters.exe
C:\Program Files\Adssite Games Collection\BobAndBill.exe
C:\Program Files\Adssite Games Collection\CrazyBlocks.exe
C:\Program Files\Adssite Games Collection\Lines.exe
C:\Program Files\Adssite Games Collection\uninstall.exe
C:\Program Files\Adssite Games Collection\VideoPool.exe
C:\WINDOWS\system32\nsd60.dll
C:\WINDOWS\system32\rightonadz-uninst.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-14 to 2008-05-14 ))))))))))))))))))))))))))))))))))))
.

2008-05-14 06:53 . 2008-05-14 06:54 4,170,102 --a------ C:\bouche b‚e.avi.3GP
2008-05-14 06:52 . 2008-05-14 06:53 3,261,292 --a------ C:\seul ou accompagn‚.avi.3GP
2008-05-14 06:51 . 2008-05-14 06:52 2,938,680 --a------ C:\2.3GP
2008-05-14 06:50 . 2008-05-14 06:50 2,938,680 --a------ C:\video.mp4.3GP
2008-05-12 17:37 . 2008-05-12 17:37 <REP> d-a------ C:\Program Files\Malwarebytes' Anti-Malware
2008-05-12 17:37 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-12 17:37 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-12 11:38 . 2008-05-13 18:48 <REP> d-a------ C:\Program Files\hijack
2008-05-10 10:02 . 2008-05-10 10:02 <REP> d-a------ C:\Program Files\Avira
2008-05-09 20:52 . 2008-05-09 20:52 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-05-09 20:49 . 2008-05-09 20:49 <REP> d-a------ C:\Program Files\Messenger Plus! Live
2008-05-08 12:09 . 2008-05-10 16:36 <REP> d-a------ C:\Program Files\IVCsoft
2008-05-08 10:25 . 2008-05-08 10:25 <REP> d-------- C:\Program Files\Yahoo!
2008-05-07 13:27 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-05-07 13:27 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-05-07 13:27 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-05-07 13:27 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-05-07 13:27 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-05-07 13:27 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-05-07 13:27 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-05-07 13:27 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-05-06 17:42 . 2008-05-06 17:42 9,662 --a------ C:\WINDOWS\EPISME00.SWB
2008-05-04 18:32 . 2008-05-04 18:32 1 --a------ C:\Documents and Settings\pierre brocart\SI.bin
2008-05-04 18:15 . 2008-05-04 18:33 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-05-03 09:49 . 2008-05-03 09:51 <REP> d-a------ C:\Program Files\IcoFX 1.6
2008-04-27 17:17 . 2008-04-27 17:17 14,714,524 --a------ C:\don't slim.flv.MP4
2008-04-26 11:34 . 2008-04-26 11:34 449,896 --a------ C:\don't slim.flv.AVI
2008-04-24 14:20 . 2008-04-24 14:35 <REP> d-a------ C:\Program Files\American Conquest
2008-04-22 19:20 . 2008-04-22 19:20 4,128 --a------ C:\INFCACHE.1
2008-04-22 14:01 . 2008-04-22 14:02 <REP> d-------- C:\Program Files\Actual Transparent Window
2008-04-22 14:01 . 2008-04-22 14:01 <REP> d-------- C:\Documents and Settings\pierre brocart\Application Data\Actual Tools
2008-04-22 13:53 . 2008-04-22 13:53 <REP> d-a------ C:\Program Files\Vasilios Applications
2008-04-22 13:41 . 2008-04-22 13:41 <REP> d-a------ C:\Program Files\Recuva
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-a------ C:\Program Files\Lavasoft
2008-04-20 12:16 . 2008-04-20 12:16 <REP> d-a------ C:\Documents and Settings\pierre brocart\Application Data\Lavasoft
2008-04-20 12:13 . 2008-04-20 12:13 <REP> d-a------ C:\Documents and Settings\pierre brocart\Application Data\TuneUp Software
2008-04-20 12:13 . 2008-04-20 12:13 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-04-20 12:13 . 2007-05-16 09:41 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-04-20 12:12 . 2008-04-20 12:13 <REP> d-a------ C:\Program Files\TuneUp Utilities 2007
2008-04-20 12:12 . 2008-04-20 12:12 <REP> d-a------ C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-19 13:07 . 2008-04-19 13:07 <REP> d-------- C:\Documents and Settings\pierre brocart\WINDOWS
2008-04-17 10:58 . 2008-05-12 14:33 <REP> d-------- C:\JPG
2008-04-16 12:19 . 2008-04-16 12:19 <REP> d-------- C:\Intel
2008-04-16 12:14 . 2008-04-16 13:01 <REP> d-------- C:\Program Files\ma-config.com
2008-04-16 12:14 . 2008-04-16 13:07 <REP> d-------- C:\Documents and Settings\pierre brocart\Application Data\ma-config.com
2008-04-16 10:51 . 2008-05-09 17:43 <REP> d-------- C:\Program Files\eMule
2008-04-15 20:57 . 2008-04-15 20:58 5,276 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-04-15 20:36 . 2008-04-15 20:36 0 --a------ C:\studio.xnf
2008-04-15 20:24 . 2008-04-15 20:38 <REP> d-a-s---- C:\Program Files\WinOSX
2008-04-14 21:15 . 2008-04-14 21:17 <REP> d-------- C:\WINDOWS\system32\NtmsData
2008-04-14 19:54 . 2008-04-14 21:03 <REP> d-a------ C:\Program Files\nLite

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-11 12:51 --------- d-----w C:\Documents and Settings\pierre brocart\Application Data\Azureus
2008-05-10 07:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\way rdr ford mpeg
2008-05-08 10:06 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-05-08 09:30 --------- d-----w C:\Program Files\Electronic Arts
2008-05-08 08:26 --------- d-----w C:\Program Files\CCleaner
2008-05-05 15:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-04 16:33 --------- d---a-w C:\Program Files\Ubisoft
2008-05-04 16:14 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-04-26 08:20 --------- d-----w C:\Program Files\Gpotato.eu
2008-04-25 09:05 --------- d-----w C:\Program Files\Google
2008-04-23 10:32 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-20 12:13 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-04-20 10:34 --------- d---a-w C:\Program Files\GUILD WARS
2008-04-20 10:34 --------- d---a-w C:\Documents and Settings\pierre brocart\Application Data\SolidWorks
2008-04-19 15:45 --------- d-----w C:\Program Files\Azureus
2008-04-16 11:03 --------- d-----w C:\Program Files\Intel
2008-04-16 08:06 --------- d-----w C:\Documents and Settings\pierre brocart\Application Data\LimeWire
2008-04-15 18:58 70,927 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-04-13 10:36 --------- d---a-w C:\Program Files\a-squared Free
2008-04-12 13:43 --------- d---a-w C:\Program Files\SolidWorks
2008-04-12 13:42 --------- d---a-w C:\Program Files\Fichiers communs\SolidWorks Shared
2008-04-12 13:41 --------- d---a-w C:\Program Files\Fichiers communs\Bluebeam Software
2008-04-12 13:37 --------- d---a-w C:\Program Files\TweakNow RegCleaner Std
2008-04-12 13:33 --------- d-----w C:\Documents and Settings\pierre brocart\Application Data\Apple Computer
2008-04-12 13:18 --------- d-----w C:\Program Files\Safari
2008-04-12 13:16 --------- d-----w C:\Program Files\iTunes
2008-04-12 13:15 --------- d-----w C:\Program Files\QuickTime
2008-04-12 13:15 --------- d-----w C:\Program Files\iPod
2008-04-10 17:05 22,328 ----a-w C:\Documents and Settings\pierre brocart\Application Data\PnkBstrK.sys
2008-04-10 16:49 --------- d---a-w C:\Program Files\Activision
2008-04-10 16:08 --------- d---a-w C:\Program Files\Fichiers communs\Solidworks Data
2008-04-10 15:11 --------- d---a-w C:\Documents and Settings\pierre brocart\Application Data\DWGEditor
2008-04-03 15:05 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-03 15:04 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-04-03 15:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-04-02 18:55 --------- d---a-w C:\Program Files\MSBuild
2008-04-02 18:52 --------- d---a-w C:\Program Files\Reference Assemblies
2008-04-01 13:54 --------- d---a-w C:\Program Files\Fichiers communs\Teleca Shared
2008-04-01 13:54 --------- d---a-w C:\Program Files\Fichiers communs\Sony Ericsson Shared
2008-04-01 13:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Teleca
2008-04-01 13:54 --------- d-----w C:\Program Files\Sony Ericsson
2008-04-01 13:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-03-30 11:55 --------- d---a-w C:\Documents and Settings\pierre brocart\Application Data\Teleca
2008-03-30 11:36 --------- d---a-w C:\Documents and Settings\pierre brocart\Application Data\Sony Ericsson
2008-03-30 02:19 --------- d---a-w C:\Program Files\PopKiller
2008-03-29 08:01 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-03-27 05:53 --------- d-----w C:\Program Files\Java
2008-03-24 19:46 --------- d-----w C:\Documents and Settings\pierre brocart\Application Data\albumart
2008-03-24 19:43 --------- d---a-w C:\Program Files\UltraISO
2008-03-24 17:24 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-24 17:13 --------- d---a-w C:\Documents and Settings\pierre brocart\Application Data\Malwarebytes
2008-03-24 17:13 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-20 06:00 --------- d-----w C:\Program Files\Panicware
2008-03-18 15:40 --------- d---a-w C:\Program Files\ESET
2008-03-18 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-03-17 09:33 588,336 ----a-w C:\WINDOWS\system32\ncs2dmix.dll
2008-03-17 09:33 473,648 ----a-w C:\WINDOWS\system32\accesor.dll
2008-03-16 08:27 --------- d-----w C:\Program Files\Microsoft Works
2008-03-16 08:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 07:09 180,224 ----a-w C:\WINDOWS\system32\Ncs2Setp.dll
2008-03-12 07:01 1,301,040 ----a-w C:\WINDOWS\system32\ncscolib.dll
2008-03-03 08:36 145,968 ----a-w C:\WINDOWS\system32\ncs2instutility.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 09:32 704,512 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-16 09:32 704,512 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2008-02-16 09:32 694,272 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2008-02-16 09:32 499,200 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-02-16 09:32 1,778,688 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-02-15 20:06 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-02-15 09:07 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2008-02-11 06:43 47,360 ----a-w C:\Documents and Settings\pierre brocart\Application Data\pcouffin.sys
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
2008-02-04 19:26 151,040 --sh--w C:\WINDOWS\system32\VistaUltm.dll
.

------- Sigcheck -------

2006-01-09 20:02 666112 5404e2ead19d7e2a5c4086015062343c C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\wininet.dll
2007-08-22 14:57 669696 4f6a45b54d26708e2c2bf2c43d83edea C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll
2007-08-22 15:13 663040 18048557aa56de4b1955fdf7a21f9b24 C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
2007-08-22 14:57 669696 4f6a45b54d26708e2c2bf2c43d83edea C:\WINDOWS\$NtUninstallKB942615$\wininet.dll
2007-10-11 07:59 704512 dc9c8413f0f233909b88e3500e66b571 C:\WINDOWS\$NtUninstallKB944533$\wininet.dll
2007-12-07 02:47 704512 456f6f2eeaa0d975581e745c6ecfd140 C:\WINDOWS\$NtUninstallKB947864$\wininet.dll
2008-02-16 11:32 704512 adb5762b2c6007095db1dc20e956bc4f C:\WINDOWS\system32\wininet.dll
2008-02-16 11:32 704512 adb5762b2c6007095db1dc20e956bc4f C:\WINDOWS\system32\dllcache\wininet.dll

2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78f3afe5-af5a-0f8e-31ca-abf595a84364}]
C:\WINDOWS\system32\{7a51d676-86dd-b9ca-ac01-5aa042bfc65c}.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 11:23 202544]
"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-19 00:05 630784]
"PopKiller"="C:\Program Files\PopKiller\PopKiller.exe" [2008-03-29 10:32 1987584]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2007-11-20 16:29 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-22 17:27 16132608 C:\WINDOWS\RTHDCPL.EXE]
"PMX Daemon"="ICO.EXE" [2006-11-08 17:01 49152 C:\WINDOWS\system32\ico.exe]
"ISUSPM Startup"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
"RoxWatchTray"="C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22 221184]
"PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 19:23 118784]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-06-20 19:14 142104]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-06-20 19:13 162584]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-06-20 19:14 138008]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 19:19 15872]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 11:00 1116920]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 11:24 16384]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-10 10:04 262401]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"C:\\Program Files\\CapCom\\Lost Planet Extreme Condition\\LostPlanetDx9.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=

R1 DLARTL_M;DLARTL_M;C:\WINDOWS\system32\Drivers\DLARTL_M.SYS [2006-08-11 12:35]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 11:23]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 14:00]
R3 pmxmouse;PMXMOUSE;C:\WINDO