Unwanted web pages popping up

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
15 November 2008 11:12:24

Hi everyone.

For the past few days I've had web pages opening continually, and it's getting annoying.
I'm sending you the HijackThis report.
Hoping for a hand, thanks....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:48, on 15/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\documents and settings\administrateur.titanium\local settings\application data\sqgss.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {040CEA2D-217A-4339-AC6E-6B55548D8531} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: {449ecfc3-49d6-5c89-df54-ae5ffde41b44} - {44b14edf-f5ea-45fd-98c5-6d943cfce944} - C:\WINDOWS\system32\iudtqz.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9950772D-AF73-4AEA-80B6-C251EC40EA30} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [1c166a9b] rundll32.exe "C:\WINDOWS\system32\qrarjpnl.dll",b
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [sqgss] "c:\documents and settings\administrateur.titanium\local settings\application data\sqgss.exe" sqgss
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O20 - AppInit_DLLs: iudtqz.dll
O20 - Winlogon Notify: efcDUmJB - efcDUmJB.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 5654 bytes

15 November 2008 12:14:34

Hello,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary

15 November 2008 15:31:53

ComboFix report

    ComboFix 08-11-13.01 - Administrateur 2008-11-15 15:18:07.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1577 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Administrateur.TITANIUM\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Administrateur.TITANIUM\Local Settings\Application Data\sqgss.dat
    c:\documents and settings\Administrateur.TITANIUM\Local Settings\Application Data\sqgss.exe
    c:\documents and settings\Administrateur.TITANIUM\Local Settings\Application Data\sqgss_nav.dat
    c:\documents and settings\Administrateur.TITANIUM\Local Settings\Application Data\sqgss_navps.dat
    c:\documents and settings\Administrateur\Application Data\m
    c:\documents and settings\Administrateur\Application Data\m\list.oct
    c:\documents and settings\Administrateur\Application Data\m\shared\(Whil)Kaspersky.Antivirus.For.Windows.Server.4.5.0.94.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\@PROMT_German-Russian_Internet_Translator_7.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\007 Spy Software 3.87.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\3D Shed & Shop Designer 2.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\811 Toolbar for Firefox 3.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Acid_Dreams_2.33.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Advanced SQL Query 2.03.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Age_of_Mythology_-_Blank_maps.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AGUTA PAD Submitter 1.0 Patch.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Alien Countdown 4.2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AlphaLPD_3.0c.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AMI GIF Transitions 2 2.0a.03.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Anti_Tracks_6.9.23_(Patch).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Antivirus.kaspersky.+.NOD32.+.keys.&.passwords.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AppAway 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\ASX_Playlist_Buddy_3.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Atmosphere_Lite_6.0_[Key+Serial].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AutoDWG_DWG2Image_Converter_3.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\AVG.Antivirus.Pro_Network_Plus.Firewall.v7.0.344a618_key.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Babimals 1.01.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Barcode_Label_Workshop_Standard_Edition_6.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Berkeley DB 4.4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\BlazingTools_Instant_Source_1.45.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Calendar Mine 2.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\CD & DVD Burner & Grabber Core 4.05.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\CDR_Tools_Front_End_1.4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Chapmaker 1.51.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Club_Football_2005_Ajax_demo.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Costume_Vision_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Crack_Panda_Platinum_Internet_Security_v.8.05.00+codigo_acti.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\CSAutoDoc_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\DefPrin_1.72.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Desktop Macros 2.10.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\DesktopRTA 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Discstarter_1.2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Easy File Protector 4.82.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\EasyEclipse Plugin Warrior 1.2.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Ebstra-2bi_2BI.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Echo 1.00.0025.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Elvis_1.5.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\EMCO Remote Desktop Professional 2.0 Cracked.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\English-French_@promt_Internet_Translator_7.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\EnvisionAide_4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Evolution_1.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Expired_Domain_Sniffer_3.3_[Cracked].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\ezForm_Filler_1.0.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Far_Cry_MP_King_of_the_Hill_map_2.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\FEP-Private_Hero_1.0.0.1_[Key].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\File Ace 1.04.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\File_Grabber.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Freaky_Burn_1.00.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\G-ColorPicker_1.01.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\GoodOK iPod Converter 6.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\GoSuRF Browser 2.76.705.8238 Beta.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\GrandBackup Ultimate 1.2 build 418 [Key+Serial].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\HallowFear_Screensaver_2.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\HD_PowerBall_Lotto_Keeper_1.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\HyperCoder_Standard_Edition_1.1.0_[With_Crack].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\iByte_1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Ideal_Body_Weight_Calculator_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Ie_Minder_1.0_[Patch].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\ImageQuery_1.4.4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Imobis_R2_1.5.4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Jetboat_Superchamps_2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Journal_Macro_1.84.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Kingthon_Arcade_Collection_1.30.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\LeaguePad_4.0.3.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Living Cell 3D Screensaver 1.4.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Logic_Protect_6.0_[KeyGen].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Mafia_1.1_patch.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\MakeDocJr Editor 1.0.2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\markNewestVersion 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Math ActiveX 1.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Microsoft HealthVault Connection Center 1.2 Beta.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Microsoft IIS 6.0 Resource Kit Tools 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Mind_Twister_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Mixere_1.0.83.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Multi Translate 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\MyProBB 1.30.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\NOD32_2.51.30_PL_vitaminka_upload_by_Stefel.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\OdysseySuite_SBE_4.0.729.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Offbeat_Server_-_Developer_Edition_1.0.0p.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\OKey_v3.01_[With_Crack].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Pamela for Skype Basic Version 3.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\PanaVue_ImageAssembler_3.5.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Parley_1.2_(Serial).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\PC Mark 2002.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\PDF_Maker_Class_.NET_3.2_With_Crack.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Personal_Anti-Phishing_Sidebar_0.6.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Pool_Shark_1.80.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Portable_EditPad_Pro_6.2.2.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\PPWIZARD - HTML Preprocessor 08.071.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Private_Pix_2.93.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Queen_Hynde_3.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Question_Writer_-_Personal_Edition_2.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\QuickMessenger_v3.2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\QuizMaster_4.1.2_build_363.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\RealConcept_Privacy_Bar_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Refined Elliot Trader 1.0.9.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Remora_USB_File_Guard_Pro_1.9.0.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Rozmic_Firewall_1.2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\RvAlgo_Prof_2.11.6.3_(Key).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SafeKuvert 1.0.1.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Save-It 2.2.01.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SeaStorm_3D_Screensaver_1.51_[Key].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Simply_School_US_3.0.1_(KeyGen).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SonicFolder 1.5.1.3.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SoundNet 1.1.13.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SQL Log Rescue 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Strange_Adventures_in_Infinite_Space_Even_Stranger_Adventures_in_Infinite_Space_mod.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Studionics_1.0_beta_[Key].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\SwapKeys_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Symantec.Norton.Ghost.2003.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\TablePlanner_2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Theme_Calendar_-_Motivational_Quotes_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\ThumbTweak_1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\TickerShop_for_Amazon_2.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\TOEFL Secrets Study Guide.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\TscExcelExport 3.7.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\UserGate Proxy Server 4.1 KeyGen.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Voice Insert ActiveX SDK 3.1.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Voodoo Chat Server 14p2.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Watchdog_-_O_-_Matic_5.00_build_1078_[Key].zip
    c:\documents and settings\Administrateur\Application Data\m\shared\WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\WinaXe Windows X Server 7.4 (Key).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\Wireless_Sales_for_Pocket_PC_1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\XPcop 1.0.zip
    c:\documents and settings\Administrateur\Application Data\m\shared\XTS_keylogger_2.01_(KeyGen).zip
    c:\documents and settings\Administrateur\Application Data\m\shared\YASA_DVD_to_3GP_Converter_2.6.82.2847.zip
    c:\documents and settings\Administrateur\Application Data\m\srvlist.oct
    c:\documents and settings\Administrateur\Application Data\ShoppingReport
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\Config.xml
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\db\Aliases.dbs
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\db\Sites.dbs
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\report\aggr_storage.xml
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\report\send_storage.xml
    c:\documents and settings\Administrateur\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
    c:\documents and settings\Administrateur\Local Settings\Application Data\dfmjf.dat
    c:\documents and settings\Administrateur\Local Settings\Application Data\dfmjf_nav.dat
    c:\documents and settings\Administrateur\Local Settings\Application Data\dfmjf_navps.dat
    c:\documents and settings\Administrateur\Local Settings\Application Data\lovmsisf.dat
    c:\documents and settings\Administrateur\Local Settings\Application Data\lovmsisf_nav.dat
    c:\documents and settings\Administrateur\Local Settings\Application Data\lovmsisf_navps.dat
    c:\documents and settings\P1\Application Data\DriveCleaner 2006 Free
    c:\documents and settings\P1\Application Data\DriveCleaner 2006 Free\Logs\update.log
    c:\documents and settings\P1\Favoris\Online Security Guide.lnk
    c:\install\install.exe
    c:\program files\INSTALL.LOG
    c:\windows\system32\abdMmnpo.ini
    c:\windows\system32\abdMmnpo.ini2
    c:\windows\system32\cvoupmdj.dll
    c:\windows\system32\drivers\downld
    c:\windows\system32\iudtqz.dll
    c:\windows\system32\lnpjrarq.ini
    c:\windows\system32\qrarjpnl.dll
    c:\windows\system32\sgbvugba.ini
    c:\windows\system32\ymgessnt.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-15 au 2008-11-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-15 09:59 . 2008-11-15 09:59 <REP> d-------- c:\program files\Trend Micro
    2008-11-15 09:26 . 2008-11-15 09:27 33 --a------ c:\windows\CMSurround.ini
    2008-11-14 17:05 . 2008-11-14 17:05 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Grisoft
    2008-11-14 17:05 . 2008-11-14 17:05 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\Grisoft
    2008-11-14 17:05 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
    2008-11-14 16:58 . 2008-11-14 17:04 <REP> d-------- c:\program files\Fighters
    2008-11-14 16:58 . 2008-11-14 16:58 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Fighters
    2008-11-14 16:52 . 2008-11-14 18:48 <REP> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
    2008-11-14 15:18 . 2008-11-14 15:19 <REP> d-------- c:\program files\Dell Photo AIO Printer 922
    2008-11-10 17:07 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
    2008-11-10 09:09 . 2008-11-14 15:22 572 --a------ c:\windows\dellstat.ini
    2008-11-10 09:08 . 2001-08-23 17:47 87,040 --a------ c:\windows\system32\wiafbdrv.dll
    2008-11-10 09:08 . 2001-08-23 17:47 87,040 --a--c--- c:\windows\system32\dllcache\wiafbdrv.dll
    2008-11-10 09:08 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
    2008-11-10 09:08 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
    2008-11-10 09:06 . 2008-11-14 16:28 <REP> d-------- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
    2008-11-10 09:06 . 2008-11-10 09:06 <REP> d-------- C:\Dell922
    2008-11-09 22:24 . 2008-11-09 22:24 <REP> dr-h----- c:\documents and settings\Administrateur.TITANIUM\Application Data\SecuROM
    2008-11-09 22:21 . 2008-11-15 11:40 107,888 --a------ c:\windows\system32\CmdLineExt.dll
    2008-11-09 22:18 . 2008-11-09 22:18 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
    2008-11-09 22:18 . 2008-11-09 22:18 22,328 --a------ c:\documents and settings\Administrateur.TITANIUM\Application Data\PnkBstrK.sys
    2008-11-09 22:17 . 2008-11-09 22:17 2,250,024 --a------ c:\windows\system32\pbsvc.exe
    2008-11-09 22:17 . 2008-11-09 22:18 107,832 --a------ c:\windows\system32\PnkBstrB.exe
    2008-11-09 22:17 . 2008-11-09 22:17 66,872 --a------ c:\windows\system32\PnkBstrA.exe
    2008-11-09 21:36 . 2008-11-09 21:36 <REP> d-------- c:\program files\VirtualDJ
    2008-11-09 21:25 . 2008-11-09 21:25 <REP> d-------- c:\program files\wmp 11
    2008-11-09 21:08 . 2008-11-09 21:08 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\OpenOffice.org
    2008-11-09 21:06 . 2008-11-09 21:06 <REP> d-------- c:\program files\OpenOffice.org 3
    2008-11-09 21:06 . 2008-11-09 21:06 <REP> d-------- c:\program files\JRE
    2008-11-09 21:06 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-11-09 20:57 . 2008-11-09 20:57 45 ---h----- c:\windows\ddis2471.dat
    2008-11-09 20:56 . 2008-11-09 20:57 <REP> d-------- c:\program files\PhotoFiltre Studio
    2008-11-09 20:32 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
    2008-11-09 20:19 . 2008-09-21 12:06 31,232 --a------ c:\windows\system\vdremote.dll
    2008-11-09 20:19 . 2008-09-21 12:06 25,088 --a------ c:\windows\system\vdsvrlnk.dll
    2008-11-09 20:12 . 2008-11-09 20:12 7,680 --ahs---- c:\windows\Thumbs.db
    2008-11-09 20:12 . 2008-11-10 13:32 116 --a------ c:\windows\NeroDigital.ini
    2008-11-09 20:10 . 2008-11-15 09:24 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\uTorrent
    2008-11-09 20:00 . 2008-11-09 20:00 0 --a------ c:\windows\nsreg.dat
    2008-11-09 19:51 . 2008-11-09 19:58 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Contacts
    2008-11-09 19:43 . 2008-11-15 09:35 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-11-09 19:34 . 2007-07-30 19:19 43,352 --a------ c:\windows\system32\wups2.dll
    2008-11-09 19:34 . 2007-07-30 19:19 38,232 --a------ c:\windows\system32\wucltui.dll.mui
    2008-11-09 19:34 . 2007-07-30 19:20 30,040 --a------ c:\windows\system32\wuaucpl.cpl.mui
    2008-11-09 19:34 . 2007-07-30 19:19 30,040 --a------ c:\windows\system32\wuapi.dll.mui
    2008-11-09 19:34 . 2007-07-30 19:18 21,336 --a------ c:\windows\system32\wuaueng.dll.mui
    2008-11-09 19:33 . 2008-11-09 19:33 <REP> d---s---- c:\documents and settings\Administrateur.TITANIUM\UserData
    2008-11-09 19:29 . 2008-11-09 19:29 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\GRETECH
    2008-11-09 19:29 . 2008-11-09 19:29 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\GRETECH
    2008-11-09 19:20 . 2008-11-09 19:20 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\AdobeUM
    2008-11-09 19:09 . 2008-11-09 19:10 242 --a------ c:\windows\BricoPackFoldersDelete.cmd
    2008-11-09 18:58 . 2008-11-09 19:10 2,359,350 --a------ c:\windows\BricoPack Wallpaper.bmp
    2008-11-09 18:58 . 2008-11-09 19:10 64,610 --a------ c:\windows\BricoPackUninst.cmd
    2008-11-09 18:42 . 2008-07-29 13:33 446,464 --a------ c:\windows\system32\nvunrm.exe
    2008-11-09 18:42 . 2008-07-29 13:30 6,045 --a------ c:\windows\system32\nvnrm.nvu
    2008-11-09 18:42 . 2008-07-08 01:45 4,984 --a------ c:\windows\system32\drivers\nvphy.bin
    2008-11-09 18:32 . 2008-10-07 13:33 201,157 --a------ c:\windows\system32\nvapps.nvb
    2008-11-09 18:32 . 2008-07-10 04:07 7,143 --a------ c:\windows\system32\nvide.nvu
    2008-11-09 18:21 . 2008-11-09 18:21 <REP> d-------- c:\documents and settings\ADMINI~1~TIT\LOCALS~1
    2008-11-09 18:21 . 2008-11-09 18:21 <REP> d-------- c:\documents and settings\ADMINI~1~TIT
    2008-11-09 18:14 . 2008-10-07 13:33 453,152 --a------ c:\windows\system32\nvudisp.exe
    2008-11-09 18:14 . 2008-11-15 15:22 195,368 --a------ c:\windows\system32\nvapps.xml
    2008-11-09 18:14 . 2008-10-07 13:33 18,477 --a------ c:\windows\system32\nvdisp.nvu
    2008-11-09 18:13 . 2008-10-02 10:07 453,152 --a------ c:\windows\system32\NVUNINST.EXE
    2008-11-09 18:06 . 2008-11-09 18:06 <REP> d-------- c:\program files\PCI Audio Applications
    2008-11-09 18:06 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
    2008-11-09 18:06 . 2001-09-28 04:20 73,728 --------- c:\windows\system\CMedia.dll
    2008-11-09 18:06 . 2004-08-03 23:08 10,624 --a------ c:\windows\system32\drivers\gameenum.sys
    2008-11-09 18:06 . 2004-08-03 23:08 10,624 --a--c--- c:\windows\system32\dllcache\gameenum.sys
    2008-11-09 18:06 . 2008-11-09 18:16 4,346 --a------ c:\windows\mixerdef.ini
    2008-11-09 18:05 . 2008-11-09 18:05 <REP> d-------- c:\program files\C-Media
    2008-11-09 18:05 . 2008-11-09 18:05 <REP> d-------- C:\CMP-SOUNDCARD20_XP_NT_DRIVER
    2008-11-09 18:05 . 2001-10-22 11:24 1,216,512 --a------ c:\windows\mixer.exe
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a--c--- c:\windows\system32\dllcache\a3d.dll
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a------ c:\windows\system32\Audio3D.dll
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a------ c:\windows\system32\a3d.dll
    2008-11-09 18:05 . 2000-10-20 12:28 765,952 --a------ c:\windows\system\crlds3d.dll
    2008-11-09 18:05 . 2001-10-30 13:01 280,782 --a------ c:\windows\system32\drivers\cmaudio.sys
    2008-11-09 18:05 . 2001-10-22 11:01 122,880 --a------ c:\windows\cmuninst.exe
    2008-11-09 18:05 . 2001-10-22 11:02 122,880 --a------ c:\windows\cmuninst.dat
    2008-11-09 18:05 . 2001-10-16 11:00 28,672 --a------ c:\windows\system32\cmnprop.dll
    2008-11-09 18:05 . 2008-11-09 18:16 171 --a------ c:\windows\CMISETUP.INI
    2008-11-09 18:05 . 2008-11-09 18:16 26 --a------ c:\windows\CMCDPLAY.INI
    2008-11-09 18:02 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
    2008-11-09 17:59 . 2006-10-16 16:10 23,856 --a------ c:\windows\system32\spupdsvc.exe
    2008-11-09 17:56 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll
    2008-11-09 17:56 . 2008-11-09 17:56 664 --a------ c:\windows\system32\d3d9caps.dat
    2008-11-09 17:53 . 2008-11-15 09:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\ma-config.com
    2008-11-09 17:28 . 2004-08-03 23:15 145,792 --a------ c:\windows\system32\drivers\portcls.sys
    2008-11-09 17:28 . 2004-08-03 23:15 145,792 --a--c--- c:\windows\system32\dllcache\portcls.sys
    2008-11-09 17:28 . 2004-08-04 00:55 130,048 --a------ c:\windows\system32\ksproxy.ax
    2008-11-09 17:28 . 2004-08-04 00:55 130,048 --a--c--- c:\windows\system32\dllcache\ksproxy.ax
    2008-11-09 17:28 . 2004-08-04 01:54 77,312 --a------ c:\windows\system32\usbui.dll
    2008-11-09 17:28 . 2004-08-03 23:08 60,288 --a------ c:\windows\system32\drivers\drmk.sys
    2008-11-09 17:28 . 2004-08-03 23:08 60,288 --a--c--- c:\windows\system32\dllcache\drmk.sys
    2008-11-09 17:28 . 2004-08-04 01:39 58,496 --a------ c:\windows\system32\drivers\redbook.sys
    2008-11-09 17:28 . 2001-08-17 22:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
    2008-11-09 17:28 . 2004-08-04 00:54 4,096 --a------ c:\windows\system32\ksuser.dll
    2008-11-09 17:28 . 2004-08-04 00:54 4,096 --a--c--- c:\windows\system32\dllcache\ksuser.dll
    2008-11-09 17:28 . 2001-08-17 23:00 2,944 --a------ c:\windows\system32\drivers\msmpu401.sys
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Voisinage réseau
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Voisinage d'impression
    2008-11-09 17:25 . 2008-11-09 16:30 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Modèles
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Mes documents
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> dr------- c:\documents and settings\Default User.WINDOWS\Menu Démarrer
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Favoris
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Bureau
    2008-11-09 17:25 . 2008-11-09 16:34 <REP> d--h----- c:\documents and settings\Default User.WINDOWS
    2008-11-09 17:25 . 2008-11-09 21:07 <REP> d--h----- c:\documents and settings\All Users.WINDOWS\Modèles
    2008-11-09 17:25 . 2008-11-09 16:36 <REP> dr------- c:\documents and settings\All Users.WINDOWS\Menu Démarrer
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Favoris
    2008-11-09 17:25 . 2008-11-09 16:31 <REP> dr------- c:\documents and settings\All Users.WINDOWS\Documents
    2008-11-09 17:25 . 2008-11-14 17:08 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Bureau
    2008-11-09 17:24 . 2008-11-09 16:36 1,340 --a------ c:\windows\system32\$winnt$.inf
    2008-11-09 16:54 . 2005-06-01 05:04 408,064 -ra------ c:\windows\system32\drivers\O4501U.sys
    2008-11-09 16:43 . 2004-08-05 13:00 221,184 --a------ c:\windows\system32\wmpns.dll
    2008-11-09 16:42 . 2008-11-09 16:42 <REP> d-------- c:\program files\Satsuki Decodeur Pack
    2008-11-09 16:42 . 2008-11-09 16:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\DVD Shrink
    2008-11-09 16:41 . 2004-08-23 15:38 <REP> d-------- c:\program files\WINAMP
    2008-11-09 16:41 . 2004-03-03 20:30 125,184 --------- c:\windows\system32\drivers\imagesrv.sys
    2008-11-09 16:41 . 2004-03-03 20:30 5,504 --------- c:\windows\system32\drivers\imagedrv.sys
    2008-11-09 16:40 . 2008-11-09 16:40 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\MSN Messenger 6.2.0137
    2008-11-09 16:40 . 2004-07-20 16:24 1,568,768 --------- c:\windows\system32\ImagX7.dll
    2008-11-09 16:40 . 2004-07-20 16:24 476,320 --------- c:\windows\system32\ImagXpr7.dll
    2008-11-09 16:40 . 2004-07-20 16:24 471,040 --------- c:\windows\system32\ImagXRA7.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-15 08:25 --------- d-----w c:\program files\ma-config.com
    2008-11-14 18:47 --------- d-----w c:\program files\eMule
    2008-11-14 17:52 --------- d-----w c:\program files\dl_Cats
    2008-11-09 20:06 --------- d-----w c:\program files\Java
    2008-11-09 19:52 --------- d-----w c:\program files\Azureus
    2008-11-09 19:50 --------- d-----w c:\program files\Microsoft LifeCam
    2008-11-09 19:28 --------- d-----w c:\program files\VideoCap
    2008-11-09 19:24 --------- d-----w c:\program files\CamStudio
    2008-11-09 17:58 219,648 ----a-w c:\windows\system32\uxtheme.dll
    2008-11-09 17:49 --------- d-----w c:\program files\MSN Messenger
    2008-11-09 16:47 --------- d-----w c:\program files\FlashGet
    2008-11-09 14:26 --------- d-----w c:\program files\directx
    2008-11-05 15:50 22,328 -c--a-w c:\documents and settings\Administrateur\Application Data\PnkBstrK.sys
    2008-11-05 15:46 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-05 07:17 --------- d-----w c:\documents and settings\Administrateur\Application Data\Apple Computer
    2008-11-04 22:05 --------- d-----w c:\program files\DivX
    2008-11-04 21:54 --------- d-----w c:\program files\Combined Community Codec Pack
    2008-11-04 09:56 --------- d-----w c:\program files\GRETECH
    2008-10-30 16:12 --------- d-----w c:\documents and settings\Administrateur\Application Data\Azureus
    2008-10-25 09:03 --------- d-----w c:\documents and settings\Administrateur\Application Data\OpenOffice.org2
    2008-10-24 17:43 --------- d-----w c:\program files\Google
    2008-10-20 01:30 --------- d-----w c:\program files\Steinberg
    2008-10-20 00:02 --------- d-----w c:\program files\Fichiers communs\Adobe
    2008-10-19 23:40 --------- d-----w c:\program files\eoRezo
    2008-10-08 12:35 --------- d-----w c:\program files\FLAC
    2008-10-02 11:06 --------- d-----w c:\program files\Windows Media Connect 2
    2008-10-01 16:08 --------- d-----w c:\program files\Windows Live
    2008-09-23 21:01 3,532 ----a-w C:\drmHeader.bin
    2008-08-20 17:35 453,152 ----a-w c:\windows\system32\nvusmb.exe
    2008-08-20 17:35 122,880 ----a-w c:\windows\system32\NVCOSMB.DLL
    2008-03-04 22:23 22,328 -c--a-w c:\documents and settings\P1\Application Data\PnkBstrK.sys
    .

    ------- Sigcheck -------

    2004-08-04 01:54 694784 f6ad4c0f992b3b51c044ad74d9e2e854 c:\windows\system32\wininet.dll
    2004-08-04 01:54 694784 f6ad4c0f992b3b51c044ad74d9e2e854 c:\windows\system32\dllcache\wininet.dll

    2004-08-18 10:22 359040 27a5959c94ee173a063ca06bd14f021a c:\windows\system32\drivers\tcpip.sys

    2004-08-22 23:35 978432 9f3b76c8cf787449a47f05abab4e13e6 c:\windows\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
    "VX1000"="c:\windows\vVX1000.exe" [2006-06-30 707376]
    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-06-30 269104]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
    "Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2005-04-22 290816]
    "DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
    "!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
    "C-Media Mixer"="Mixer.exe" [2001-10-22 c:\windows\mixer.exe]
    "nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=iudtqz.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.divxa32"= msaud32_divx.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\eMule\\emule.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FarCry2.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FC2Launcher.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FC2Editor.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "c:\\WINDOWS\\system32\\dlbtcoms.exe"=
    "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\DLBTPSWX.EXE"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "135:TCP"= 135:TCP:TCP Port 135
    "5000:TCP"= 5000:TCP:TCP Port 5000
    "5001:TCP"= 5001:TCP:TCP Port 5001
    "5002:TCP"= 5002:TCP:TCP Port 5002
    "5003:TCP"= 5003:TCP:TCP Port 5003
    "5004:TCP"= 5004:TCP:TCP Port 5004
    "5005:TCP"= 5005:TCP:TCP Port 5005
    "5006:TCP"= 5006:TCP:TCP Port 5006
    "5007:TCP"= 5007:TCP:TCP Port 5007
    "5008:TCP"= 5008:TCP:TCP Port 5008
    "5009:TCP"= 5009:TCP:TCP Port 5009
    "5010:TCP"= 5010:TCP:TCP Port 5010
    "5011:TCP"= 5011:TCP:TCP Port 5011
    "5012:TCP"= 5012:TCP:TCP Port 5012
    "5013:TCP"= 5013:TCP:TCP Port 5013
    "5014:TCP"= 5014:TCP:TCP Port 5014
    "5015:TCP"= 5015:TCP:TCP Port 5015
    "5016:TCP"= 5016:TCP:TCP Port 5016
    "5017:TCP"= 5017:TCP:TCP Port 5017
    "5018:TCP"= 5018:TCP:TCP Port 5018
    "5019:TCP"= 5019:TCP:TCP Port 5019
    "5020:TCP"= 5020:TCP:TCP Port 5020

    R0 nvgts;nvgts;c:\windows\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 MSCamSvc;MSCamSvc;c:\program files\Microsoft LifeCam\MSCamSvc.exe [2006-06-30 187184]
    R3 VX1000;VX-1000;c:\windows\system32\DRIVERS\VX1000.sys [2006-06-30 1965872]
    S3 WN4501HLFZZ(Technology Corporation);802.11g Wireless USB Adapter(Technology Corporation);c:\windows\system32\DRIVERS\O4501U.sys [2005-06-01 408064]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{040CEA2D-217A-4339-AC6E-6B55548D8531} - (no file)
    BHO-{44b14edf-f5ea-45fd-98c5-6d943cfce944} - c:\windows\system32\iudtqz.dll
    BHO-{9950772D-AF73-4AEA-80B6-C251EC40EA30} - (no file)
    HKCU-Run-sqgss - c:\documents and settings\administrateur.titanium\local settings\application data\sqgss.exe
    HKLM-Run-1c166a9b - c:\windows\system32\qrarjpnl.dll
    ShellExecuteHooks-{9950772D-AF73-4AEA-80B6-C251EC40EA30} - (no file)
    Notify-efcDUmJB - efcDUmJB.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - c:\documents and settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\g4gjen4b.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
    FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-15 15:22:11
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Dell Photo AIO Printer 922\dlbtbmon.exe
    c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\PnkBstrA.exe
    c:\windows\system32\PnkBstrB.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-11-15 15:24:44 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-11-15 14:24:40

    Avant-CF: 10 026 467 328 octets libres
    Après-CF: 10,943,827,968 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer

    15 November 2008 16:01:40

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in Safe Mode.
    HELP: Restarting in Safe Mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated MBAM tutorial
    15 November 2008 17:00:41

    Thank you for answering so quickly...
    Much appreciated!!!
    By the way, is it serious?
    Here is the Malwarebytes' report

    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1400
    Windows 5.1.2600 Service Pack 2

    15/11/2008 16:52:24
    mbam-log-2008-11-15 (16-52-24).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 141390
    Temps écoulé: 21 minute(s), 37 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 4
    Fichier(s) infecté(s): 16

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\P1\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\P1\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\P1\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
    C:\Documents and Settings\P1\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Qoobox\Quarantine\C\WINDOWS\system32\cvoupmdj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\iudtqz.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\qrarjpnl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007570.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007571.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007572.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007573.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007575.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007576.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007577.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP32\A0007578.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP37\A0007906.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP37\A0007907.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{CC75C806-45B6-4550-A1A0-BC14AEAECFE0}\RP37\A0007909.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\P1\Local Settings\Application Data\Live_TV\Error.Log (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk (Rogue.Link) -> Quarantined and deleted successfully.
    15 November 2008 18:32:52

    Run another ComboFix scan.
    15 November 2008 19:00:46

    I ran the ComboFix scan again; the report is below...

    ComboFix 08-11-13.02 - Administrateur 2008-11-15 18:51:36.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1599 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Administrateur.TITANIUM\Local Settings\Temporary Internet Files\Content.IE5\MCO9WE92\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-15 au 2008-11-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-15 16:11 . 2008-11-15 16:11 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-11-15 16:11 . 2008-11-15 16:11 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-11-15 16:11 . 2008-11-15 16:11 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\Malwarebytes
    2008-11-15 16:11 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-11-15 16:11 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2008-11-15 09:59 . 2008-11-15 09:59 <REP> d-------- c:\program files\Trend Micro
    2008-11-15 09:26 . 2008-11-15 09:27 33 --a------ c:\windows\CMSurround.ini
    2008-11-14 17:05 . 2008-11-14 17:05 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Grisoft
    2008-11-14 17:05 . 2008-11-14 17:05 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\Grisoft
    2008-11-14 17:05 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
    2008-11-14 16:58 . 2008-11-14 17:04 <REP> d-------- c:\program files\Fighters
    2008-11-14 16:58 . 2008-11-14 16:58 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Fighters
    2008-11-14 16:52 . 2008-11-14 18:48 <REP> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
    2008-11-14 15:18 . 2008-11-14 15:19 <REP> d-------- c:\program files\Dell Photo AIO Printer 922
    2008-11-10 17:07 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
    2008-11-10 09:09 . 2008-11-14 15:22 572 --a------ c:\windows\dellstat.ini
    2008-11-10 09:08 . 2001-08-23 17:47 87,040 --a------ c:\windows\system32\wiafbdrv.dll
    2008-11-10 09:08 . 2001-08-23 17:47 87,040 --a--c--- c:\windows\system32\dllcache\wiafbdrv.dll
    2008-11-10 09:08 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
    2008-11-10 09:08 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
    2008-11-10 09:06 . 2008-11-14 16:28 <REP> d-------- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
    2008-11-10 09:06 . 2008-11-10 09:06 <REP> d-------- C:\Dell922
    2008-11-09 22:24 . 2008-11-09 22:24 <REP> dr-h----- c:\documents and settings\Administrateur.TITANIUM\Application Data\SecuROM
    2008-11-09 22:21 . 2008-11-15 11:40 107,888 --a------ c:\windows\system32\CmdLineExt.dll
    2008-11-09 22:18 . 2008-11-09 22:18 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
    2008-11-09 22:18 . 2008-11-09 22:18 22,328 --a------ c:\documents and settings\Administrateur.TITANIUM\Application Data\PnkBstrK.sys
    2008-11-09 22:17 . 2008-11-09 22:17 2,250,024 --a------ c:\windows\system32\pbsvc.exe
    2008-11-09 22:17 . 2008-11-09 22:18 107,832 --a------ c:\windows\system32\PnkBstrB.exe
    2008-11-09 22:17 . 2008-11-09 22:17 66,872 --a------ c:\windows\system32\PnkBstrA.exe
    2008-11-09 21:36 . 2008-11-09 21:36 <REP> d-------- c:\program files\VirtualDJ
    2008-11-09 21:25 . 2008-11-09 21:25 <REP> d-------- c:\program files\wmp 11
    2008-11-09 21:08 . 2008-11-09 21:08 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\OpenOffice.org
    2008-11-09 21:06 . 2008-11-09 21:06 <REP> d-------- c:\program files\OpenOffice.org 3
    2008-11-09 21:06 . 2008-11-09 21:06 <REP> d-------- c:\program files\JRE
    2008-11-09 21:06 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-11-09 20:57 . 2008-11-09 20:57 45 ---h----- c:\windows\ddis2471.dat
    2008-11-09 20:56 . 2008-11-09 20:57 <REP> d-------- c:\program files\PhotoFiltre Studio
    2008-11-09 20:32 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
    2008-11-09 20:19 . 2008-09-21 12:06 31,232 --a------ c:\windows\system\vdremote.dll
    2008-11-09 20:19 . 2008-09-21 12:06 25,088 --a------ c:\windows\system\vdsvrlnk.dll
    2008-11-09 20:12 . 2008-11-09 20:12 7,680 --ahs---- c:\windows\Thumbs.db
    2008-11-09 20:12 . 2008-11-10 13:32 116 --a------ c:\windows\NeroDigital.ini
    2008-11-09 20:10 . 2008-11-15 09:24 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\uTorrent
    2008-11-09 20:00 . 2008-11-09 20:00 0 --a------ c:\windows\nsreg.dat
    2008-11-09 19:51 . 2008-11-09 19:58 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Contacts
    2008-11-09 19:43 . 2008-11-15 09:35 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-11-09 19:34 . 2007-07-30 19:19 43,352 --a------ c:\windows\system32\wups2.dll
    2008-11-09 19:34 . 2007-07-30 19:19 38,232 --a------ c:\windows\system32\wucltui.dll.mui
    2008-11-09 19:34 . 2007-07-30 19:20 30,040 --a------ c:\windows\system32\wuaucpl.cpl.mui
    2008-11-09 19:34 . 2007-07-30 19:19 30,040 --a------ c:\windows\system32\wuapi.dll.mui
    2008-11-09 19:34 . 2007-07-30 19:18 21,336 --a------ c:\windows\system32\wuaueng.dll.mui
    2008-11-09 19:33 . 2008-11-09 19:33 <REP> d---s---- c:\documents and settings\Administrateur.TITANIUM\UserData
    2008-11-09 19:29 . 2008-11-09 19:29 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\GRETECH
    2008-11-09 19:29 . 2008-11-09 19:29 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\GRETECH
    2008-11-09 19:20 . 2008-11-09 19:20 <REP> d-------- c:\documents and settings\Administrateur.TITANIUM\Application Data\AdobeUM
    2008-11-09 19:09 . 2008-11-09 19:10 242 --a------ c:\windows\BricoPackFoldersDelete.cmd
    2008-11-09 18:58 . 2008-11-09 19:10 2,359,350 --a------ c:\windows\BricoPack Wallpaper.bmp
    2008-11-09 18:58 . 2008-11-09 19:10 64,610 --a------ c:\windows\BricoPackUninst.cmd
    2008-11-09 18:42 . 2008-07-29 13:33 446,464 --a------ c:\windows\system32\nvunrm.exe
    2008-11-09 18:42 . 2008-07-29 13:30 6,045 --a------ c:\windows\system32\nvnrm.nvu
    2008-11-09 18:42 . 2008-07-08 01:45 4,984 --a------ c:\windows\system32\drivers\nvphy.bin
    2008-11-09 18:32 . 2008-10-07 13:33 201,157 --a------ c:\windows\system32\nvapps.nvb
    2008-11-09 18:32 . 2008-07-10 04:07 7,143 --a------ c:\windows\system32\nvide.nvu
    2008-11-09 18:21 . 2008-11-09 18:21 <REP> d-------- c:\documents and settings\ADMINI~1~TIT\LOCALS~1
    2008-11-09 18:21 . 2008-11-09 18:21 <REP> d-------- c:\documents and settings\ADMINI~1~TIT
    2008-11-09 18:14 . 2008-10-07 13:33 453,152 --a------ c:\windows\system32\nvudisp.exe
    2008-11-09 18:14 . 2008-11-15 16:56 195,368 --a------ c:\windows\system32\nvapps.xml
    2008-11-09 18:14 . 2008-10-07 13:33 18,477 --a------ c:\windows\system32\nvdisp.nvu
    2008-11-09 18:13 . 2008-10-02 10:07 453,152 --a------ c:\windows\system32\NVUNINST.EXE
    2008-11-09 18:06 . 2008-11-09 18:06 <REP> d-------- c:\program files\PCI Audio Applications
    2008-11-09 18:06 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
    2008-11-09 18:06 . 2001-09-28 04:20 73,728 --------- c:\windows\system\CMedia.dll
    2008-11-09 18:06 . 2004-08-03 23:08 10,624 --a------ c:\windows\system32\drivers\gameenum.sys
    2008-11-09 18:06 . 2004-08-03 23:08 10,624 --a--c--- c:\windows\system32\dllcache\gameenum.sys
    2008-11-09 18:06 . 2008-11-09 18:16 4,346 --a------ c:\windows\mixerdef.ini
    2008-11-09 18:05 . 2008-11-09 18:05 <REP> d-------- c:\program files\C-Media
    2008-11-09 18:05 . 2008-11-09 18:05 <REP> d-------- C:\CMP-SOUNDCARD20_XP_NT_DRIVER
    2008-11-09 18:05 . 2001-10-22 11:24 1,216,512 --a------ c:\windows\mixer.exe
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a--c--- c:\windows\system32\dllcache\a3d.dll
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a------ c:\windows\system32\Audio3D.dll
    2008-11-09 18:05 . 2001-01-11 08:02 794,624 --a------ c:\windows\system32\a3d.dll
    2008-11-09 18:05 . 2000-10-20 12:28 765,952 --a------ c:\windows\system\crlds3d.dll
    2008-11-09 18:05 . 2001-10-30 13:01 280,782 --a------ c:\windows\system32\drivers\cmaudio.sys
    2008-11-09 18:05 . 2001-10-22 11:01 122,880 --a------ c:\windows\cmuninst.exe
    2008-11-09 18:05 . 2001-10-22 11:02 122,880 --a------ c:\windows\cmuninst.dat
    2008-11-09 18:05 . 2001-10-16 11:00 28,672 --a------ c:\windows\system32\cmnprop.dll
    2008-11-09 18:05 . 2008-11-09 18:16 171 --a------ c:\windows\CMISETUP.INI
    2008-11-09 18:05 . 2008-11-09 18:16 26 --a------ c:\windows\CMCDPLAY.INI
    2008-11-09 18:02 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
    2008-11-09 17:59 . 2006-10-16 16:10 23,856 --a------ c:\windows\system32\spupdsvc.exe
    2008-11-09 17:56 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll
    2008-11-09 17:56 . 2008-11-09 17:56 664 --a------ c:\windows\system32\d3d9caps.dat
    2008-11-09 17:53 . 2008-11-15 09:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\ma-config.com
    2008-11-09 17:28 . 2004-08-03 23:15 145,792 --a------ c:\windows\system32\drivers\portcls.sys
    2008-11-09 17:28 . 2004-08-03 23:15 145,792 --a--c--- c:\windows\system32\dllcache\portcls.sys
    2008-11-09 17:28 . 2004-08-04 00:55 130,048 --a------ c:\windows\system32\ksproxy.ax
    2008-11-09 17:28 . 2004-08-04 00:55 130,048 --a--c--- c:\windows\system32\dllcache\ksproxy.ax
    2008-11-09 17:28 . 2004-08-04 01:54 77,312 --a------ c:\windows\system32\usbui.dll
    2008-11-09 17:28 . 2004-08-03 23:08 60,288 --a------ c:\windows\system32\drivers\drmk.sys
    2008-11-09 17:28 . 2004-08-03 23:08 60,288 --a--c--- c:\windows\system32\dllcache\drmk.sys
    2008-11-09 17:28 . 2004-08-04 01:39 58,496 --a------ c:\windows\system32\drivers\redbook.sys
    2008-11-09 17:28 . 2001-08-17 22:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
    2008-11-09 17:28 . 2004-08-04 00:54 4,096 --a------ c:\windows\system32\ksuser.dll
    2008-11-09 17:28 . 2004-08-04 00:54 4,096 --a--c--- c:\windows\system32\dllcache\ksuser.dll
    2008-11-09 17:28 . 2001-08-17 23:00 2,944 --a------ c:\windows\system32\drivers\msmpu401.sys
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Voisinage réseau
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Voisinage d'impression
    2008-11-09 17:25 . 2008-11-09 16:30 <REP> d--h----- c:\documents and settings\Default User.WINDOWS\Modèles
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Mes documents
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> dr------- c:\documents and settings\Default User.WINDOWS\Menu Démarrer
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Favoris
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\Default User.WINDOWS\Bureau
    2008-11-09 17:25 . 2008-11-09 16:34 <REP> d--h----- c:\documents and settings\Default User.WINDOWS
    2008-11-09 17:25 . 2008-11-09 21:07 <REP> d--h----- c:\documents and settings\All Users.WINDOWS\Modèles
    2008-11-09 17:25 . 2008-11-09 16:36 <REP> dr------- c:\documents and settings\All Users.WINDOWS\Menu Démarrer
    2008-11-09 17:25 . 2008-11-09 17:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Favoris
    2008-11-09 17:25 . 2008-11-09 16:31 <REP> dr------- c:\documents and settings\All Users.WINDOWS\Documents
    2008-11-09 17:25 . 2008-11-15 16:11 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Bureau
    2008-11-09 17:24 . 2008-11-09 16:36 1,340 --a------ c:\windows\system32\$winnt$.inf
    2008-11-09 16:54 . 2005-06-01 05:04 408,064 -ra------ c:\windows\system32\drivers\O4501U.sys
    2008-11-09 16:43 . 2004-08-05 13:00 221,184 --a------ c:\windows\system32\wmpns.dll
    2008-11-09 16:42 . 2008-11-09 16:42 <REP> d-------- c:\program files\Satsuki Decodeur Pack
    2008-11-09 16:42 . 2008-11-09 16:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\DVD Shrink
    2008-11-09 16:41 . 2004-08-23 15:38 <REP> d-------- c:\program files\WINAMP
    2008-11-09 16:41 . 2004-03-03 20:30 125,184 --------- c:\windows\system32\drivers\imagesrv.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-15 08:25 --------- d-----w c:\program files\ma-config.com
    2008-11-14 18:47 --------- d-----w c:\program files\eMule
    2008-11-14 17:52 --------- d-----w c:\program files\dl_Cats
    2008-11-09 20:06 --------- d-----w c:\program files\Java
    2008-11-09 19:52 --------- d-----w c:\program files\Azureus
    2008-11-09 19:50 --------- d-----w c:\program files\Microsoft LifeCam
    2008-11-09 19:28 --------- d-----w c:\program files\VideoCap
    2008-11-09 19:24 --------- d-----w c:\program files\CamStudio
    2008-11-09 17:58 219,648 ----a-w c:\windows\system32\uxtheme.dll
    2008-11-09 17:49 --------- d-----w c:\program files\MSN Messenger
    2008-11-09 16:47 --------- d-----w c:\program files\FlashGet
    2008-11-09 14:26 --------- d-----w c:\program files\directx
    2008-11-05 15:50 22,328 -c--a-w c:\documents and settings\Administrateur\Application Data\PnkBstrK.sys
    2008-11-05 15:46 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-05 07:17 --------- d-----w c:\documents and settings\Administrateur\Application Data\Apple Computer
    2008-11-04 22:05 --------- d-----w c:\program files\DivX
    2008-11-04 21:54 --------- d-----w c:\program files\Combined Community Codec Pack
    2008-11-04 09:56 --------- d-----w c:\program files\GRETECH
    2008-10-30 16:12 --------- d-----w c:\documents and settings\Administrateur\Application Data\Azureus
    2008-10-25 09:03 --------- d-----w c:\documents and settings\Administrateur\Application Data\OpenOffice.org2
    2008-10-24 17:43 --------- d-----w c:\program files\Google
    2008-10-20 01:30 --------- d-----w c:\program files\Steinberg
    2008-10-20 00:02 --------- d-----w c:\program files\Fichiers communs\Adobe
    2008-10-19 23:40 --------- d-----w c:\program files\eoRezo
    2008-10-08 12:35 --------- d-----w c:\program files\FLAC
    2008-10-02 11:06 --------- d-----w c:\program files\Windows Media Connect 2
    2008-10-01 16:08 --------- d-----w c:\program files\Windows Live
    2008-09-23 21:01 3,532 ----a-w C:\drmHeader.bin
    2008-08-20 17:35 453,152 ----a-w c:\windows\system32\nvusmb.exe
    2008-08-20 17:35 122,880 ----a-w c:\windows\system32\NVCOSMB.DLL
    2008-03-04 22:23 22,328 -c--a-w c:\documents and settings\P1\Application Data\PnkBstrK.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-11-15_15.24.18.60 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-11-15 15:56:10 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_60c.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
    "VX1000"="c:\windows\vVX1000.exe" [2006-06-30 707376]
    "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-06-30 269104]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
    "Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2005-04-22 290816]
    "DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
    "!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
    "C-Media Mixer"="Mixer.exe" [2001-10-22 c:\windows\mixer.exe]
    "nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=iudtqz.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.divxa32"= msaud32_divx.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\eMule\\emule.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FarCry2.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FC2Launcher.exe"=
    "d:\\programme file\\Far Cry 2\\bin\\FC2Editor.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "c:\\WINDOWS\\system32\\dlbtcoms.exe"=
    "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\DLBTPSWX.EXE"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "135:TCP"= 135:TCP:TCP Port 135
    "5000:TCP"= 5000:TCP:TCP Port 5000
    "5001:TCP"= 5001:TCP:TCP Port 5001
    "5002:TCP"= 5002:TCP:TCP Port 5002
    "5003:TCP"= 5003:TCP:TCP Port 5003
    "5004:TCP"= 5004:TCP:TCP Port 5004
    "5005:TCP"= 5005:TCP:TCP Port 5005
    "5006:TCP"= 5006:TCP:TCP Port 5006
    "5007:TCP"= 5007:TCP:TCP Port 5007
    "5008:TCP"= 5008:TCP:TCP Port 5008
    "5009:TCP"= 5009:TCP:TCP Port 5009
    "5010:TCP"= 5010:TCP:TCP Port 5010
    "5011:TCP"= 5011:TCP:TCP Port 5011
    "5012:TCP"= 5012:TCP:TCP Port 5012
    "5013:TCP"= 5013:TCP:TCP Port 5013
    "5014:TCP"= 5014:TCP:TCP Port 5014
    "5015:TCP"= 5015:TCP:TCP Port 5015
    "5016:TCP"= 5016:TCP:TCP Port 5016
    "5017:TCP"= 5017:TCP:TCP Port 5017
    "5018:TCP"= 5018:TCP:TCP Port 5018
    "5019:TCP"= 5019:TCP:TCP Port 5019
    "5020:TCP"= 5020:TCP:TCP Port 5020

    R0 nvgts;nvgts;c:\windows\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-09 78416]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-09 20560]
    R2 MSCamSvc;MSCamSvc;"c:\program files\Microsoft LifeCam\MSCamSvc.exe" [2006-06-30 187184]
    R3 VX1000;VX-1000;c:\windows\system32\DRIVERS\VX1000.sys [2008-11-09 1965872]
    S3 WN4501HLFZZ(Technology Corporation);802.11g Wireless USB Adapter(Technology Corporation);c:\windows\system32\DRIVERS\O4501U.sys [2008-11-09 408064]
    .
    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - c:\documents and settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\g4gjen4b.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
    FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-15 18:53:31
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-11-15 18:54:16
    ComboFix-quarantined-files.txt 2008-11-15 17:54:13

    Avant-CF: 10 979 926 016 octets libres
    Après-CF: 10,971,234,304 octets libres

    16 November 2008 16:43:45

    Is your PC behaving better?
    16 November 2008 18:09:08

    Oh yes, everything is fine, no more windows opening all over the place!
    Thank you very much....
    16 November 2008 18:26:04

    Happy surfing.