Privacy_danger - Sécurité - Virus
 


Sujet : Privacy_danger
corbou Un grand merci déjà pour l'aide apportée.
Il est vraiment très agréable d'avoir des personnes compétentes pour aider les internautes à se dépêtrer de la sorte !
 
Voici le rapport donné par Combofix :
 
ComboFix 08-01-29.3 - Corinne 2008-01-29 20:10:55.2 - NTFSx86
Microsoft Windows XP Professionnel  5.1.2600.2.1252.1.1036.18.360 [GMT 1:00]
Endroit: C:\Documents and Settings\Corinne\Bureau\ComboFix.exe
 
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
 
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
E:\Autorun.inf
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\ampkfst.dll
C:\WINDOWS\dat.txt
C:\WINDOWS\dxpvqlmtqn.dll
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\Cache
E:\Autorun.inf
 
.
(((((((((((((((((((((((((((((   Fichiers créés 2007-12-28 to 2008-01-29  ))))))))))))))))))))))))))))))))))))
.
 
2008-01-27 14:04 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-27 14:04 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-27 14:04 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-27 14:04 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-27 14:04 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-27 14:04 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-26 20:05 . 2008-01-27 14:45 <REP> d-------- C:\Program Files\Everest Poker
2008-01-26 19:27 . 2008-01-26 19:27 <REP> d-------- C:\Program Files\Zattoo
2008-01-25 06:18 . 2008-01-25 06:18 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\HP
2008-01-23 16:22 . 2008-01-23 19:08 <REP> d-------- C:\Program Files\hp deskjet 970c series
2008-01-21 10:18 . 2008-01-21 12:38 <REP> d-------- C:\Program Files\Yahoo!
2008-01-21 10:18 . 2008-01-21 10:19 <REP> d-------- C:\Program Files\CCleaner
2008-01-19 16:06 . 2008-01-19 16:06 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-01-19 11:25 . 2008-01-24 07:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-19 11:25 . 2008-01-19 11:25 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-18 21:12 . 2008-01-18 21:13 <REP> d-------- C:\Program Files\OpenOffice.org 2.3
2008-01-18 21:10 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-13 19:58 . 2008-01-26 23:09 2,538 --a--c--- C:\rollback.ini
2008-01-13 19:11 . 2008-01-13 19:11 <REP> d-------- C:\Program Files\SonicWallES
2008-01-11 16:54 . 2008-01-13 19:47 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\MailFrontier
2008-01-11 16:47 . 2008-01-29 12:43 11,504,672 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-11 16:47 . 2008-01-29 12:43 124,100 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-11 16:40 . 2008-01-13 19:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-11 16:40 . 2007-12-13 19:27 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-01-11 16:40 . 2007-12-13 19:27 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-01-11 16:40 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-01-11 16:40 . 2008-01-28 17:04 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-11 13:09 . 2008-01-29 19:59 <REP> d-------- C:\WINDOWS\Internet Logs
2008-01-11 11:44 . 2008-01-11 11:44 <REP> d-------- C:\WTablet
2008-01-10 13:55 . 2008-01-10 13:55 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2008-01-10 13:54 . 2008-01-29 11:57 <REP> d-------- C:\Program Files\SPAMfighter
2008-01-10 13:54 . 2008-01-10 13:54 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-01-10 12:32 . 2008-01-10 12:32 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-08 22:20 . 2008-01-08 22:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-01-08 22:18 . 2008-01-08 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-01-08 22:18 . 2007-03-08 05:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-08 22:18 . 2007-03-08 05:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-08 22:17 . 2007-03-30 16:07 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-01-08 22:17 . 2007-03-28 14:01 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll
2008-01-08 22:17 . 2007-03-08 05:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-08 22:16 . 2007-03-17 17:11 675,840 -ra------ C:\WINDOWS\system32\hpowiax3.dll
2008-01-08 22:16 . 2007-03-17 17:11 569,344 -ra------ C:\WINDOWS\system32\hpotscl3.dll
2008-01-08 22:16 . 2007-03-08 05:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-01-08 22:16 . 2007-03-08 05:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-01-08 22:16 . 2007-03-17 17:11 303,104 -ra------ C:\WINDOWS\system32\hpovst10.dll
2008-01-08 21:16 . 2008-01-08 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-01-08 21:15 . 2008-01-08 21:15 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\HPAppData
2008-01-08 21:13 . 2008-01-08 21:13 <REP> d-------- C:\Program Files\Fichiers communs\HP
2008-01-08 21:13 . 2008-01-08 21:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-01-08 21:13 . 2008-01-08 21:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-01-08 21:12 . 2008-01-08 21:12 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-08 21:08 . 2008-01-08 22:19 160,398 --a------ C:\WINDOWS\hpoins14.dat
2008-01-08 21:08 . 2007-06-06 00:07 2,000 --------- C:\WINDOWS\hpomdl14.dat
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\liste
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\langue
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\infos
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\icones
2008-01-08 09:34 . 2008-01-08 09:34 247 --a--c--- C:\dict.ini
2008-01-06 17:53 . 2008-01-06 17:54 <REP> d-------- C:\Program Files\Dictionnaire
2008-01-06 17:15 . 2008-01-06 17:15 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-06 17:15 . 2008-01-06 17:15 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-01-06 17:12 . 2008-01-06 17:15 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 17:12 . 2008-01-06 17:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-05 16:08 . 2007-11-13 12:31 204,288 --a------ C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
2008-01-05 16:07 . 2008-01-05 16:07 <REP> d-------- C:\Program Files\M-Audio
2008-01-05 16:07 . 2007-11-14 16:20 424,456 --a------ C:\WINDOWS\system32\ma_cmidn.dll
2008-01-05 16:07 . 2006-08-16 07:24 82,944 --a------ C:\WINDOWS\system32\USBMN1X1.DLL
2008-01-05 16:07 . 2007-11-14 16:20 31,752 --a------ C:\WINDOWS\system32\drivers\ma_cmidi.sys
2008-01-05 16:07 . 2006-08-16 07:24 22,208 --a------ C:\WINDOWS\system32\drivers\USBMN1X1.SYS
2008-01-05 16:07 . 2007-11-14 16:20 20,936 --a------ C:\WINDOWS\system32\drivers\usb22ldr.sys
2008-01-05 16:07 . 2007-11-14 16:20 20,168 --a------ C:\WINDOWS\system32\drivers\USB11LDR.SYS
2008-01-05 16:04 . 2008-01-05 16:04 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\InstallShield
2008-01-05 14:11 . 2008-01-05 15:59 <REP> d-------- C:\Program Files\M-Audio Midisport 1x1
2008-01-04 23:58 . 2008-01-05 20:40 <REP> d-------- C:\Program Files\Melody Assistant
2008-01-04 23:58 . 2008-01-05 18:58 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\ACAMPREF
2008-01-04 23:47 . 1998-02-06 21:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-01-02 11:28 . 2008-01-02 11:28 <REP> d-------- C:\WINDOWS\DNW5ENW5ENW5ENW5
2008-01-02 11:28 . 2008-01-02 11:28 <REP> d-------- C:\WINDOWS\7HQZ8HQZ8HQZ8HQZ
 
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 17:53 --------- d-----w C:\Documents and Settings\Corinne\Application Data\OpenOffice.org2
2008-01-29 17:49 --------- d-----w C:\Documents and Settings\Corinne\Application Data\WTablet
2008-01-27 19:46 136,192 ----a-w C:\WINDOWS\Internet Logs\xDB1E.tmp
2008-01-27 13:05 7,346 ----a-w C:\WINDOWS\system32\tmp.reg
2008-01-27 12:30 1,698,304 ----a-w C:\WINDOWS\Internet Logs\xDB1D.tmp
2008-01-27 12:29 146,944 ----a-w C:\WINDOWS\Internet Logs\xDB1C.tmp
2008-01-26 16:22 1,683,456 ----a-w C:\WINDOWS\Internet Logs\xDB1B.tmp
2008-01-25 18:29 1,678,848 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-01-25 05:19 1,675,264 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-01-24 22:25 1,672,704 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-01-24 09:40 1,671,680 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-01-23 21:33 170,496 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-01-23 17:45 1,667,072 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-01-21 20:11 112,128 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-01-21 20:11 1,629,184 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-01-21 11:43 156,672 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-01-21 11:43 1,628,672 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-01-21 09:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-20 17:51 53,248 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-01-20 17:51 1,609,216 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-01-19 15:18 128,000 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-01-19 15:18 1,607,680 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-01-19 15:05 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-19 14:10 1,603,584 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-01-18 21:25 153,600 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-01-18 21:25 1,582,080 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-01-18 20:10 --------- d-----w C:\Program Files\Java
2008-01-18 19:59 --------- d-----w C:\Program Files\OpenOffice.org 2.1
2008-01-17 21:24 109,568 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-01-17 20:11 1,543,680 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-01-17 16:53 273,408 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-01-17 16:53 1,542,656 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-01-16 18:33 1,538,048 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-01-16 12:34 1,521,664 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-01-15 05:26 520,704 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-01-13 18:41 1,363,456 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-01-11 16:00 153,600 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-01-10 11:39 --------- d-----w C:\Program Files\QuickTime
2008-01-08 20:16 --------- d-----w C:\Program Files\Hp
2008-01-08 20:16 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:12 --------- d-----w C:\Program Files\Windows Live
2008-01-05 15:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-02 15:18 --------- d-----w C:\Program Files\MSN Messenger
2008-01-02 15:18 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-18 11:27 --------- d-----w C:\Program Files\DivX
2007-12-13 18:27 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-12-13 02:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-08 09:43 --------- d-----w C:\Documents and Settings\Corinne\Application Data\Canon
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-04 05:17 --------- d-----w C:\Program Files\Incomplete
2007-12-03 19:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-02 18:25 --------- d-----w C:\Program Files\LimeWire
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-04 11:04 2,868,700 ----a-w C:\WINDOWS\Screensaver SBB.scr
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2004-07-29 01:19 175,104 ------w C:\Program Files\lame_enc.dll
2006-11-30 10:52 5 --sha-w C:\WINDOWS\system32\cbafcc_g.dll
.
 
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
2007-03-02 16:52 1298024 -ra------ C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52 177768 -ra------ C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 09:00 15360]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-09-29 22:01 190024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 13:22 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55 5674352]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-22 17:10 787696]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 09:11 925696]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 14:06 716800]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [2006-01-16 22:01 53248]
"PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2005-10-04 15:23 86016]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 19:04 761945]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 16:45 507904]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 19:12 17920]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-01-15 14:22 131072]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-01-19 19:22 905216]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-10-27 13:51 241726]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-12-10 19:57 196608]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50 81920]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2005-01-26 10:04 270336]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-10 10:15 1838592]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"JWOSetup"="JWOSetup.exe" [2006-05-15 15:21 86016 C:\WINDOWS\JWOSetup.exe]
"SMKRun"="C:\Program Files\JustWrite Office\ScreenMark.exe" [2006-05-11 16:43 32768]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 17:03 308880]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-19 16:03 185896]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 09:00 15360]
 
C:\Documents and Settings\Corinne\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2006-08-30 21:31:53 45056]
 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50 217193]
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-01-18 14:25:02 581693]
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2006-06-06 18:44:44 184320]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]
 
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"ampkfst"= {634BC139-5035-4E1C-A6CD-CD10A0A58A3F} - C:\WINDOWS\ampkfst.dll [ ]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
IfxWlxEN.dll 2005-08-19 14:52 389120 C:\WINDOWS\system32\IfxWlxEN.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 19:41 40960 C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL, C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL, C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
 
R1 PersonalSecureDrive;PersonalSecureDrive;C:\WINDOWS\system32\drivers\psd.sys [2005-10-25 19:10]
R2 ASChannel;Canal de communication local;C:\WINDOWS\System32\svchost.exe [2004-08-05 09:00]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 14:00]
R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-01-02 17:03]
R3 GTIPCI21;GTIPCI21;C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2005-05-31 11:46]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-06-10 14:26]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2006-02-14 13:18]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2006-02-14 13:19]
S3 G3GRSC;G3G R Smart Card;C:\WINDOWS\system32\DRIVERS\g3grsc.sys [2004-10-14 11:28]
S3 G3GRUMDM;G3G R USB Modem;C:\WINDOWS\system32\DRIVERS\g3grumdm.sys [2004-10-14 11:28]
S3 G3GRUSER;G3G R USB Serial;C:\WINDOWS\system32\DRIVERS\g3gruser.sys [2004-10-14 11:28]
S3 MA_CMIDI;M-Audio USB Driver;C:\WINDOWS\system32\drivers\ma_cmidi.sys [2007-11-14 16:20]
S3 USB22LDR;M-Audio USB MIDISPORT 2x2 Loader;C:\WINDOWS\system32\drivers\usb22ldr.sys [2007-11-14 16:20]
S3 W8100PCI;Marvell Libertas 802.11b/g Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2004-09-03 12:03]
S3 wtsmpadap;Sesam Virtual Adapter;C:\WINDOWS\system32\DRIVERS\wtsmpadap.sys [2004-10-22 11:06]
S3 WtSmpFlt;Sesam Adapter;C:\WINDOWS\system32\DRIVERS\wtsmpflt.sys [2004-10-22 11:08]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ    ASChannel
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{435b804c-59ef-11db-b6c0-0013022fdde6}]
\Shell\AutoRun\command - F:\start.exe
\Shell\FramaKey\command - F:\start.exe
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a6451c4-8156-11db-b719-0013022fdde6}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1501602-101c-11dc-b8cc-0013022fdde6}]
\Shell\AutoRun\command - F:\start.exe
\Shell\FramaKey\command - F:\start.exe
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aac5f764-f647-11da-ac8f-0013022fdde6}]
\Shell\AutoRun\command - F:\start.exe
\Shell\FramaKey\command - F:\start.exe
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deceec30-869a-11db-b725-0013022fdde6}]
\Shell\AutoRun\command - F:\start.exe
\Shell\FramaKey\command - F:\start.exe
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb89a703-6689-11db-b6d8-0016d4024e85}]
\Shell\AutoRun\command - F:\start.exe
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fcced28c-0e19-11dc-b8c6-0013022fdde6}]
\Shell\AutoRun\command - G:\start.exe
\Shell\FramaKey\command - G:\start.exe
 
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-21 07:00:29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-05 15:30:20 C:\WINDOWS\Tasks\Spybot - Search & Destroy -  Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
"2008-01-29 18:53:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
 
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 20:16:57
Windows 5.1.2600 Service Pack 2 NTFS
 
Balayage processus cachés ...
 
Balayage caché autostart entries ...
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????8j?????????|?`???? ?t?C?????????????xmC? ???8j?  
 
Balayage des fichiers cachés ...
 
Scan terminé avec succès  
Les fichiers cachés: 0  
 
**************************************************************************
.
Temps d'accomplissement: 2008-01-29 20:20:30
ComboFix-quarantined-files.txt  2008-01-29 19:20:23
.
2008-01-10 02:01:00 --- E O F ---  



Vue Rapide de la discussion
Angeldark Re,
 
Redémarre en mode sans échec
 
Lance SmitfraudFix.exe et choisis cette fois l'Option 2 et réponds oui à la ou les questions.
Sauvegarde le rapport sur ton Bureau.
 
Redémarre normalement.
 
Poste les rapports Hijackthis et SmitfraudFix.
corbou Voici le rapport demandé :
 
SmitFraudFix v2.274
 
Rapport fait à 22:02:28.00, 29.01.2008
Executé à partir de C:\Documents and Settings\Corinne\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
 
»»»»»»»»»»»»»»»»»»»»»»»» Process
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\ProtectTools\Embedded Security Software\SpTna.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTServs.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ClocX\ClocX.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\JustWrite Office\ScreenMark.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
 
»»»»»»»»»»»»»»»»»»»»»»»» hosts
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Corinne
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Corinne\Application Data
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Corinne\Favoris
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
 
 
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files  
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
IEDFix.exe by S!Ri
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL, C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL, C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
 
 
 
»»»»»»»»»»»»»»»»»»»»»»»» DNS
 
Description: Intel(R) PRO/Wireless 3945ABG Network Connection
DNS Server Search Order: 192.168.2.1
 
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9E3A09DA-7DB0-43AB-81D4-E495E94CE804}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9E3A09DA-7DB0-43AB-81D4-E495E94CE804}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9E3A09DA-7DB0-43AB-81D4-E495E94CE804}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CF23C5AB-994B-4F48-80E4-B3B4231C25E4}: NameServer=164.128.36.36,164.128.36.37
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
 
 
»»»»»»»»»»»»»»»»»»»»»»»» Fin
 
Angeldark Re,
 
Télécharge Smitfraudfix (de S!ri).
Enregistre-le sur ton bureau.
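Lance SmitfraudFix.exe (l'extension .exe peut ne pas apparaître si Windows masque les extensions des fichiers connus).
Choisis l'Option 1 (Recherche) : elle se contente d'analyser la machine et de produire un rapport, sans rien supprimer.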
Poste le premier rapport ici.
 
**Si le lien ne fonctionne pas, clique ici**
corbou Un grand merci déjà pour l'aide apportée.
Il est vraiment très agréable d'avoir des personnes compétentes pour aider les internautes à se désenmêler de la sorte !
 
Voici le rapport donné par Combofix :
 
ComboFix 08-01-29.3 - Corinne 2008-01-29 20:10:55.2 - NTFSx86
Microsoft Windows XP Professionnel  5.1.2600.2.1252.1.1036.18.360 [GMT 1:00]
Endroit: C:\Documents and Settings\Corinne\Bureau\ComboFix.exe
 
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
 
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
E:\Autorun.inf
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\ampkfst.dll
C:\WINDOWS\dat.txt
C:\WINDOWS\dxpvqlmtqn.dll
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\Cache
E:\Autorun.inf
 
.
(((((((((((((((((((((((((((((   Fichiers créés 2007-12-28 to 2008-01-29  ))))))))))))))))))))))))))))))))))))
.
 
2008-01-27 14:04 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-27 14:04 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-27 14:04 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-27 14:04 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-27 14:04 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-27 14:04 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-26 20:05 . 2008-01-27 14:45 <REP> d-------- C:\Program Files\Everest Poker
2008-01-26 19:27 . 2008-01-26 19:27 <REP> d-------- C:\Program Files\Zattoo
2008-01-25 06:18 . 2008-01-25 06:18 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\HP
2008-01-23 16:22 . 2008-01-23 19:08 <REP> d-------- C:\Program Files\hp deskjet 970c series
2008-01-21 10:18 . 2008-01-21 12:38 <REP> d-------- C:\Program Files\Yahoo!
2008-01-21 10:18 . 2008-01-21 10:19 <REP> d-------- C:\Program Files\CCleaner
2008-01-19 16:06 . 2008-01-19 16:06 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-01-19 11:25 . 2008-01-24 07:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-19 11:25 . 2008-01-19 11:25 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-18 21:12 . 2008-01-18 21:13 <REP> d-------- C:\Program Files\OpenOffice.org 2.3
2008-01-18 21:10 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-13 19:58 . 2008-01-26 23:09 2,538 --a--c--- C:\rollback.ini
2008-01-13 19:11 . 2008-01-13 19:11 <REP> d-------- C:\Program Files\SonicWallES
2008-01-11 16:54 . 2008-01-13 19:47 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\MailFrontier
2008-01-11 16:47 . 2008-01-29 12:43 11,504,672 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-11 16:47 . 2008-01-29 12:43 124,100 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-11 16:40 . 2008-01-13 19:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-11 16:40 . 2007-12-13 19:27 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-01-11 16:40 . 2007-12-13 19:27 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-01-11 16:40 . 2007-12-13 19:27 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-01-11 16:40 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-01-11 16:40 . 2008-01-28 17:04 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-11 13:09 . 2008-01-29 19:59 <REP> d-------- C:\WINDOWS\Internet Logs
2008-01-11 11:44 . 2008-01-11 11:44 <REP> d-------- C:\WTablet
2008-01-10 13:55 . 2008-01-10 13:55 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2008-01-10 13:54 . 2008-01-29 11:57 <REP> d-------- C:\Program Files\SPAMfighter
2008-01-10 13:54 . 2008-01-10 13:54 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-01-10 12:32 . 2008-01-10 12:32 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-08 22:20 . 2008-01-08 22:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-01-08 22:18 . 2008-01-08 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-01-08 22:18 . 2007-03-08 05:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-08 22:18 . 2007-03-08 05:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-08 22:17 . 2007-03-30 16:07 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-01-08 22:17 . 2007-03-28 14:01 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll
2008-01-08 22:17 . 2007-03-08 05:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-08 22:16 . 2007-03-17 17:11 675,840 -ra------ C:\WINDOWS\system32\hpowiax3.dll
2008-01-08 22:16 . 2007-03-17 17:11 569,344 -ra------ C:\WINDOWS\system32\hpotscl3.dll
2008-01-08 22:16 . 2007-03-08 05:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-01-08 22:16 . 2007-03-08 05:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-01-08 22:16 . 2007-03-17 17:11 303,104 -ra------ C:\WINDOWS\system32\hpovst10.dll
2008-01-08 21:16 . 2008-01-08 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-01-08 21:15 . 2008-01-08 21:15 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\HPAppData
2008-01-08 21:13 . 2008-01-08 21:13 <REP> d-------- C:\Program Files\Fichiers communs\HP
2008-01-08 21:13 . 2008-01-08 21:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-01-08 21:13 . 2008-01-08 21:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-01-08 21:12 . 2008-01-08 21:12 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-08 21:08 . 2008-01-08 22:19 160,398 --a------ C:\WINDOWS\hpoins14.dat
2008-01-08 21:08 . 2007-06-06 00:07 2,000 --------- C:\WINDOWS\hpomdl14.dat
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\liste
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\langue
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\infos
2008-01-08 09:34 . 2008-01-08 09:34 <REP> d-------- C:\icones
2008-01-08 09:34 . 2008-01-08 09:34 247 --a--c--- C:\dict.ini
2008-01-06 17:53 . 2008-01-06 17:54 <REP> d-------- C:\Program Files\Dictionnaire
2008-01-06 17:15 . 2008-01-06 17:15 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-06 17:15 . 2008-01-06 17:15 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-01-06 17:12 . 2008-01-06 17:15 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 17:12 . 2008-01-06 17:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-05 16:08 . 2007-11-13 12:31 204,288 --a------ C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
2008-01-05 16:07 . 2008-01-05 16:07 <REP> d-------- C:\Program Files\M-Audio
2008-01-05 16:07 . 2007-11-14 16:20 424,456 --a------ C:\WINDOWS\system32\ma_cmidn.dll
2008-01-05 16:07 . 2006-08-16 07:24 82,944 --a------ C:\WINDOWS\system32\USBMN1X1.DLL
2008-01-05 16:07 . 2007-11-14 16:20 31,752 --a------ C:\WINDOWS\system32\drivers\ma_cmidi.sys
2008-01-05 16:07 . 2006-08-16 07:24 22,208 --a------ C:\WINDOWS\system32\drivers\USBMN1X1.SYS
2008-01-05 16:07 . 2007-11-14 16:20 20,936 --a------ C:\WINDOWS\system32\drivers\usb22ldr.sys
2008-01-05 16:07 . 2007-11-14 16:20 20,168 --a------ C:\WINDOWS\system32\drivers\USB11LDR.SYS
2008-01-05 16:04 . 2008-01-05 16:04 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\InstallShield
2008-01-05 14:11 . 2008-01-05 15:59 <REP> d-------- C:\Program Files\M-Audio Midisport 1x1
2008-01-04 23:58 . 2008-01-05 20:40 <REP> d-------- C:\Program Files\Melody Assistant
2008-01-04 23:58 . 2008-01-05 18:58 <REP> d-------- C:\Documents and Settings\Corinne\Application Data\ACAMPREF
2008-01-04 23:47 . 1998-02-06 21:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-01-02 11:28 . 2008-01-02 11:28 <REP> d-------- C:\WINDOWS\DNW5ENW5ENW5ENW5
2008-01-02 11:28 . 2008-01-02 11:28 <REP> d-------- C:\WINDOWS\7HQZ8HQZ8HQZ8HQZ
 
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 17:53 --------- d-----w C:\Documents and Settings\Corinne\Application Data\OpenOffice.org2
2008-01-29 17:49 --------- d-----w C:\Documents and Settings\Corinne\Application Data\WTablet
2008-01-27 19:46 136,192 ----a-w C:\WINDOWS\Internet Logs\xDB1E.tmp
2008-01-27 13:05 7,346 ----a-w C:\WINDOWS\system32\tmp.reg
2008-01-27 12:30 1,698,304 ----a-w C:\WINDOWS\Internet Logs\xDB1D.tmp
2008-01-27 12:29 146,944 ----a-w C:\WINDOWS\Internet Logs\xDB1C.tmp
2008-01-26 16:22 1,683,456 ----a-w C:\WINDOWS\Internet Logs\xDB1B.tmp
2008-01-25 18:29 1,678,848 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-01-25 05:19 1,675,264 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-01-24 22:25 1,672,704 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-01-24 09:40 1,671,680 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-01-23 21:33 170,496 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-01-23 17:45 1,667,072 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-01-21 20:11 112,128 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-01-21 20:11 1,629,184 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-01-21 11:43 156,672 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-01-21 11:43 1,628,672 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-01-21 09:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-20 17:51 53,248 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-01-20 17:51 1,609,216 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-01-19 15:18 128,000 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-01-19 15:18 1,607,680 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-01-19 15:05 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-19 14:10 1,603,584 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-01-18 21:25 153,600 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-01-18 21:25 1,582,080 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-01-18 20:10 --------- d-----w C:\Program Files\Java
2008-01-18 19:59 --------- d-----w C:\Program Files\OpenOffice.org 2.1
2008-01-17 21:24 109,568 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-01-17 20:11 1,543,680 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-01-17 16:53 273,408 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-01-17 16:53 1,542,656 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-01-16 18:33 1,538,048 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-01-16 12:34 1,521,664 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-01-15 05:26 520,704 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-01-13 18:41 1,363,456 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-01-11 16:00 153,600 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-01-10 11:39 --------- d-----w C:\Program Files\QuickTime
2008-01-08 20:16 --------- d-----w C:\Program Files\Hp
2008-01-08 20:16 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:12 --------- d-----w C:\Program Files\Windows Live
2008-01-05 15:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-02 15:18 --------- d-----w C:\Program Files\MSN Messenger
2008-01-02 15:18 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-18 11:27 --------- d-----w C:\Program Files\DivX
2007-12-13 18:27 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-12-13 02:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-08 09:43 --------- d-----w C:\Documents and Settings\Corinne\Application Data\Canon
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-04 05:17 --------- d-----w C:\Program Files\Incomplete
2007-12-03 19:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-02 18:25 --------- d-----w C:\Program Files\LimeWire
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-04 11:04 2,868,700 ----a-w C:\WINDOWS\Screensaver SBB.scr
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2004-07-29 01:19 175,104 ------w C:\Program Files\lame_enc.dll
2006-11-30 10:52 5 --sha-w C:\WINDOWS\system32\cbafcc_g.dll
.
 
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
2007-03-02 16:52 1298024 -ra------ C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52 177768 -ra------ C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 09:00 15360]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-09-29 22:01 190024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 13:22 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55 5674352]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-22 17:10 787696]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 09:11 925696]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 14:06 716800]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [2006-01-16 22:01 53248]
"PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2005-10-04 15:23 86016]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20 122940]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 19:04 761945]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 16:45 507904]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 19:12 17920]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-01-15 14:22 131072]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51 1187840]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11 802816]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-01-19 19:22 905216]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59 184320]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-10-27 13:51 241726]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-12-10 19:57 196608]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50 81920]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2005-01-26 10:04 270336]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-10 10:15 1838592]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"JWOSetup"="JWOSetup.exe" [2006-05-15 15:21 86016 C:\WINDOWS\JWOSetup.exe