Hello, I'm getting intrusive ads...

20 August 2007 21:25:23

Hello,
I'm getting intrusive ads that get through the pop-up blockers... and it makes my PC lag...

Here is the HijackThis report:


Logfile of HijackThis v1.99.1
Scan saved at 21:21:53, on 20/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MAXIME.GOMEZ\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zybwrvuzdtyqvlwqjdlt.com/PDXq1CiEt9k64_pEN4Y...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetelportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Safe Spam.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Stupidfind] C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by127fd.bay127.hotmail.msn.com/activex/HMAtchmt....
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://fr.errorsafe.com/pages/scanner_fr/ErrorSafeScann...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe



Thanks!

20 August 2007 21:25:51

Hello,

Download LopResearch.zip
Unzip it onto your Desktop only.
Open the LopResearch folder, then double-click Scan.bat.
A report will be generated; post its contents here.
20 August 2007 21:30:55

Done, boss!



Rapport fait à 21:30:04,84 le 20/08/2007

Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\Administrateur\Application Data

18/10/2006 19:36 62 desktop.ini
18/10/2006 19:36 <REP> Apple Computer
18/10/2006 19:36 <REP> Identities
18/10/2006 19:36 <REP> Intervideo
18/10/2006 19:36 <REP> SampleView
18/10/2006 19:36 <REP> Microsoft
18/10/2006 19:36 <REP> Sun
18/10/2006 19:36 <REP> Symantec
18/10/2006 19:36 <REP> .
18/10/2006 19:36 <REP> ..
1 fichier(s) 62 octets
9 Rép(s) 19526516736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\All Users\Application Data

03/08/2007 13:20 <REP> settings blue film frag
03/08/2007 13:20 <REP> Frag great bend logo
25/07/2007 10:42 <REP> PlayFirst
19/07/2007 22:53 <REP> PC Suite
19/07/2007 22:52 <REP> Downloaded Installations
26/06/2007 17:35 <REP> Microsoft Help
03/01/2007 18:29 <REP> Zylom
15/10/2006 14:18 <REP> Spybot - Search & Destroy
04/10/2006 20:18 <REP> Google
31/05/2006 15:26 <REP> UDL
27/10/2005 20:06 <REP> Windows Genuine Advantage
06/04/2005 19:44 <REP> Messenger Plus!
06/04/2005 19:40 <REP> WARN STUPID EACH STOP
27/12/2004 14:53 <REP> Viewpoint
27/12/2004 14:51 <REP> AOL
24/11/2004 01:56 <REP> ..
24/11/2004 01:56 <REP> .
01/01/2004 22:04 <REP> Symantec
01/01/2004 18:57 <REP> Motive
01/01/2004 18:44 <REP> QuickTime
01/01/2004 18:44 <REP> Apple Computer
01/01/2004 18:39 <REP> Adobe
01/01/2004 18:36 <REP> InterVideo
01/01/2004 16:51 <REP> Hewlett-Packard
01/01/2004 16:41 1410 hpzinstall.log
01/01/2004 15:59 62 desktop.ini
01/01/2004 15:59 <REP> Microsoft
01/01/2004 15:11 <REP> SBSI
2 fichier(s) 1472 octets
26 Rép(s) 19526512640 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\Default User\Application Data

27/12/2004 14:28 <REP> SampleView
27/12/2004 14:28 <REP> Apple Computer
27/12/2004 14:28 <REP> Intervideo
27/12/2004 14:28 <REP> Sun
27/12/2004 14:28 <REP> Symantec
24/11/2004 01:57 <REP> ..
24/11/2004 01:57 <REP> .
01/01/2004 15:59 62 desktop.ini
01/01/2004 15:59 <REP> Microsoft
01/01/2004 15:06 <REP> Identities
1 fichier(s) 62 octets
9 Rép(s) 19526512640 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\HP_PropriǸtaire\Application Data

21/12/2005 19:06 <REP> ..
21/12/2005 19:06 <REP> Macromedia
21/12/2005 19:06 <REP> .
0 fichier(s) 0 octets
3 Rép(s) 19526512640 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\HP_Propriétaire\Application Data

25/07/2007 10:42 <REP> PlayFirst
21/07/2007 21:57 <REP> iWin
20/07/2007 08:44 <REP> PC Suite
07/03/2007 16:36 <REP> Gaijin Ent
22/01/2007 13:05 <REP> Mozilla
03/01/2007 18:29 <REP> Zylom
29/10/2006 10:36 <REP> Google
11/03/2006 17:33 <REP> MSNInstaller
05/01/2006 12:43 <REP> Help
31/10/2005 19:13 <REP> EA
07/09/2005 15:22 <REP> Sonic
07/09/2005 15:21 <REP> Leadertech
17/08/2005 22:38 <REP> Wildfire
17/08/2005 22:27 <REP> ArcSoft
16/08/2005 10:43 <REP> Up corn
24/06/2005 00:14 62 desktop.ini
24/06/2005 00:13 <REP> Apple Computer
24/06/2005 00:13 <REP> Identities
24/06/2005 00:13 <REP> Intervideo
24/06/2005 00:13 <REP> SampleView
24/06/2005 00:13 <REP> Microsoft
24/06/2005 00:13 <REP> ..
24/06/2005 00:13 <REP> .
24/06/2005 00:13 <REP> Sun
24/06/2005 00:13 <REP> Symantec
24/03/2005 09:38 <REP> ubi.com
09/03/2005 18:52 <REP> Motive
27/01/2005 21:40 <REP> AdobeUM
27/01/2005 21:40 <REP> Adobe
21/01/2005 15:39 <REP> Template
27/12/2004 15:01 <REP> Macromedia
27/12/2004 14:54 <REP> AOL
27/12/2004 14:53 <REP> You've Got Pictures Screensaver
1 fichier(s) 62 octets
32 Rép(s) 19526508544 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\MAXIME

Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\MAXIME.GOMEZ\Application Data

19/07/2007 23:05 <REP> Datalayer
19/07/2007 23:05 <REP> Nokia Multimedia Player
19/07/2007 23:04 59982 NMM-MetaData.db
19/07/2007 22:56 <REP> Nokia
19/07/2007 22:53 <REP> PC Suite
29/03/2007 19:29 <REP> Musicmatch
14/03/2007 19:23 <REP> Screenshot Sender
07/03/2007 18:18 <REP> Xfire
07/03/2007 18:09 <REP> InstallShield
25/12/2006 03:49 <REP> LALY2213
04/11/2006 17:34 <REP> Help
23/10/2006 13:45 <REP> Smart Panel
18/10/2006 19:22 98 Sskuknwrd.dll
18/10/2006 19:16 566229 Sskknwrd.dll
27/09/2006 18:29 <REP> Google
25/09/2006 18:15 <REP> Mozilla
16/09/2006 12:41 <REP> AOL
16/08/2006 19:47 <REP> teamspeak2
20/05/2006 11:48 <REP> Okay Thunk
18/09/2005 00:08 <REP> Sonic
18/09/2005 00:08 <REP> Leadertech
31/07/2005 19:01 <REP> La Bataille pour la Terre du Milieu
02/07/2005 02:07 <REP> ArcSoft
30/06/2005 19:31 <REP> AdobeUM
30/06/2005 19:30 <REP> Adobe
29/06/2005 22:20 <REP> Up corn
25/06/2005 22:46 <REP> Template
24/06/2005 00:47 <REP> Macromedia
24/06/2005 00:21 62 desktop.ini
24/06/2005 00:21 <REP> Identities
24/06/2005 00:21 <REP> Apple Computer
24/06/2005 00:21 <REP> Intervideo
24/06/2005 00:21 <REP> Microsoft
24/06/2005 00:21 <REP> SampleView
24/06/2005 00:21 <REP> ..
24/06/2005 00:21 <REP> Sun
24/06/2005 00:21 <REP> .
24/06/2005 00:21 <REP> Symantec
4 fichier(s) 626371 octets
34 Rép(s) 19526508544 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\Documents and Settings\MAXIME~1~GOM

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 00AE-96FB

Répertoire de C:\WINDOWS\Tasks

03/08/2007 13:21 304 A9D3D4B891BC4BB8.job
05/07/2007 15:48 274 Connexion facile à Internet.job
28/12/2004 17:23 568 Norton AntiVirus - Analyser mon ordinateur - MAXIME.job
01/01/2004 22:53 65 desktop.ini
01/01/2004 22:05 426 Symantec NetDetect.job
01/01/2004 15:08 6 SA.DAT
01/01/2004 15:04 <REP> ..
01/01/2004 15:04 <REP> .
6 fichier(s) 1 643 octets
2 Rép(s) 19 526 504 448 octets libres

******************************************
Listing des dossiers dans C:\Program Files

a2
a2 Free
Adobe
Adverts
Alcatel
AOL 9.0
AOL Toolbar
ArcSoft
Ascaron Entertainment
ATI Technologies
AtomixMP3
AvantGo Connect
BearShare
BoontyGames
Broderbund
Buzz
Cegetel
Common Files
ComPlus Applications
Cossacks
Croteam
DIFX
Digital Reality
directx
DivX
Doom 3
EA GAMES
Easy Internet signup
EasyPHP1-8
eMule
Enlight
EPSON
Fichiers communs
FileZilla
Fox
GameHouse
Gamenext
GameSpy Arcade
GIMP-2.0
Google
Grisoft
Help and Support Additions
Hewlett-Packard
HP
Image-Line
Infogrames
Internet Explorer
InterVideo
iPod
iTunes
Java
Jeskola Buzz
Learn2.com
Messenger
Messenger Plus! 3
Messenger Plus! Live
MessengerPlus! 3
Microsoft ActiveSync
Microsoft CAPICOM 2.1.0.2
microsoft frontpage
Microsoft FrontPage Express
Microsoft Office
Microsoft Référence
Microsoft Visual Studio
Microsoft Visual Studio 8
Microsoft Works
Microsoft.NET
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
MSN Messenger
MSXML 4.0
MUSICMATCH
NetMeeting
Nokia
Norton AntiVirus
Norton Personal Firewall
Nullsoft
Online Services
Outlook Express
PC-Doctor for Windows
PHILIPS
PhotoFiltre
QuickTime
QuickZip
Real
Red Storm Entertainment
RngInterstitial.dll
Rockstar Games
Save
Services en ligne
Sierra On-Line
SinEspias
SiS VGA Utilities V3.59e
Smart Panel
Sonic
Sonic RecordNow!
SpeedSim
Spybot - Search & Destroy
SPYC@M 100
Symantec
SymNetDrv
Take2
TechCity Solutions
THQ
Trust
ubi.com
Ubisoft
Unreal2
Up corn
ViaMichelin
Viewpoint
VstPlugins
WildTangent
Winamp
Windows Journal Viewer
Windows Live
Windows Media Connect 2
Windows Media Player
Windows NT
WinRAR
Wolfenstein - Enemy Territory
Xdgcvn
xerox
Yahoo!
Zylom Games
******************************************
Recherche des dossiers/fichiers LOP

C:\Program Files\Adverts Présent !
C:\WINDOWS\tasks\A9D3D4B891BC4BB8.job Présent !
******************************************
Recherche d'infections connues

Pas d'infection reconnue
******************************************
Vérification du fichier HOSTS

Fichier Hosts : MODIFIE
*************** Fin du Rapport - Version 0.9 ****************
20 August 2007 21:31:56

Re,

Download Clean.zip (by Malekal),
Extract it onto your desktop (right-click / Extract All); you should get a folder named Clean.
Open the clean folder and double-click clean.cmd.
Choose option 1 and wait. Then post the contents of the report.
20 August 2007 21:36:12

20/08/2007 a 21:35:24,92

*** Recherche des fichiers dans C:
C:\keyboard*.exe FOUND
C:\mousepad*.exe FOUND
C:\newname*.exe FOUND
C:\VSL02.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
C:\WINDOWS\keyboard*.dat FOUND
C:\WINDOWS\keyboard*.exe FOUND
C:\WINDOWS\mousepad*.exe FOUND
C:\WINDOWS\newname*.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\System32\regedit.com FOUND
C:\WINDOWS\System32\cmd.com FOUND
C:\WINDOWS\System32\tasklist.com FOUND
C:\WINDOWS\System32\taskkill.com FOUND
C:\WINDOWS\System32\tracert.com FOUND
C:\WINDOWS\System32\ping.com FOUND
C:\WINDOWS\System32\netstat.com FOUND
C:\WINDOWS\system32\winlog.exe FOUND
C:\WINDOWS\system32\bszip.dll FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Adverts\" FOUND
"C:\Program Files\GameHouse\" FOUND
"C:\Program Files\outlook\" FOUND
"C:\Program Files\Save\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !


There you go...
20 August 2007 21:40:18

Let's do a little clean-up first ^^

Restart in Safe Mode

Open the clean folder and double-click clean.cmd.
Choose option 2 and wait.

Restart normally.

Post the clean report: C:\rapport_clean.txt

&

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy and paste this report into your next reply.

    NOTE: The report is also located here: C:\Combofix.txt
20 August 2007 22:45:04

    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Script execute en mode sans echec 20/08/2007 a 21:58:34,62

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression des fichiers dans C:




    The ComboFix report:

    ComboFix 07-08-17.2 - "MAXIME" 2007-08-20 22:10:27.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.109 [GMT 2:00]
    * Created a new restore point


    (((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
    C:\WINDOWS\system32\EFDCINST.DLL
    C:\WINDOWS\system32\WQNG32.DLL


    Granting SeDebugPrivilege to Administrateurs ... successful


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1.\macromedia\Flash Player\#SharedObjects\PBVGCU5W\iforex.com
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1.\macromedia\Flash Player\#SharedObjects\PBVGCU5W\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Sskknwrd.dll
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Sskuknwrd.dll
    C:\mousepad17.exe
    C:\newname17.exe
    C:\WINDOWS\keyboard17.exe
    C:\WINDOWS\keyboard171.dat
    C:\WINDOWS\mousepad17.exe
    C:\WINDOWS\newname17.exe
    C:\WINDOWS\system32\bszip.dll
    C:\WINDOWS\system32\cmd.com
    C:\WINDOWS\system32\netstat.com
    C:\WINDOWS\system32\ping.com
    C:\WINDOWS\system32\regedit.com
    C:\WINDOWS\system32\setup.exe.tmp
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\tasklist.com
    C:\WINDOWS\system32\tracert.com
    C:\WINDOWS\system32\winlog.exe
    C:\WINDOWS\TmFkaW5lIEdvbWV6\asappsrv.dll
    C:\WINDOWS\TmFkaW5lIEdvbWV6\command.exe
    D:\Autorun.inf


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_CMDSERVICE
    -------\LEGACY_NETWORK_MONITOR
    -------\cmdService


    ((((((((((((((((((((((((( Files Created from 2007-07-20 to 2007-08-20 )))))))))))))))))))))))))))))))


    2007-08-20 22:09 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-04 22:50 <REP> d-------- C:\DOCUME~1\MAXIME~1.GOM\OngameNetwork
    2007-08-03 13:20 <REP> d-------- C:\Program Files\Up corn
    2007-08-03 13:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\settings blue film frag
    2007-08-03 13:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    2007-07-25 10:42 <REP> d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
    2007-07-25 10:42 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    2007-07-21 22:10 <REP> d-------- C:\DOCUME~1\HP_PRO~1\Saved Games
    2007-07-21 21:57 <REP> d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\iWin
    2007-07-20 08:44 <REP> d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-20 08:12 --------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
    2007-08-04 22:34 --------- d-------- C:\Program Files\eMule
    2007-07-23 15:12 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Nokia Multimedia Player
    2007-07-23 12:54 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\AdobeUM
    2007-07-21 21:58 --------- d-------- C:\Program Files\Zylom Games
    2007-07-19 23:05 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Nokia
    2007-07-19 23:05 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Datalayer
    2007-07-19 22:54 --------- d-------- C:\Program Files\Nokia
    2007-07-19 22:54 --------- d-------- C:\Program Files\Fichiers communs\PCSuite
    2007-07-19 22:54 --------- d-------- C:\Program Files\Fichiers communs\Nokia
    2007-07-19 22:54 --------- d-------- C:\Program Files\DIFX
    2007-07-19 22:53 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\PC Suite
    2007-07-06 23:41 --------- d-------- C:\Program Files\VstPlugins
    2007-07-06 23:41 --------- d-------- C:\Program Files\Image-Line
    2007-07-06 23:18 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-05 15:48 --------- d-------- C:\Program Files\Easy Internet signup
    2007-07-02 00:13 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Screenshot Sender
    2007-06-27 03:09 --------- d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-06-26 18:01 --------- d-------- C:\Program Files\MSBuild
    2007-06-26 18:01 --------- d-------- C:\Program Files\Microsoft Works
    2007-06-26 18:00 --------- d-------- C:\Program Files\Microsoft.NET
    2007-06-26 17:57 --------- d-------- C:\Program Files\Microsoft Visual Studio 8
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-25 18:59 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Google
    2007-06-25 18:57 --------- d-------- C:\Program Files\Google
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2006-04-22 12:03 774144 --a------ C:\Program Files\RngInterstitial.dll
    2004-12-27 22:17:16 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
    2005-07-29 14:24:26 472 --sha-r C:\WINDOWS\TmFkaW5lIEdvbWV6\nAI4uqc5KHxSvqpd.vbs


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-06-06 11:15]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-02-03 17:36]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-01-01 18:45]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36]
    "bend logo clock film"="C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Safe Spam.exe" [2007-08-20 22:35]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-05 16:22]
    "Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [2004-12-21 19:17]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-29 00:01]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 15:18]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21]
    "Stupidfind"="C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe" [2007-08-03 13:20]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 06:31:38]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL Tray Icon.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL Tray Icon.lnk
    backup=C:\WINDOWS\pss\AOL Tray Icon.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^E_SPSU01.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\E_SPSU01.lnk
    backup=C:\WINDOWS\pss\E_SPSU01.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
    ALCXMNTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\each stop debug tray]
    C:\Documents and Settings\All Users\Application Data\WARN STUPID EACH STOP\Mpeg Hold.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C62 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3600 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB002" /M "Stylus CX3600"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
    C:\WINDOWS\system32\hphmon06.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
    c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keyboard]
    C:\windows\keyboard17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mousepad]
    C:\windows\mousepad17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname]
    C:\\newname17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nosign_JL2005]
    nosign TRUST

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
    C:\WINDOWS\system32\ps2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
    C:\WINDOWS\SMINST\RECGUARD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
    C:\WINDOWS\system32\keyhook.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stupidfind]
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfSideKick 3]
    C:\Program Files\SurfSideKick 3\Ssk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\w30e5c6c.dll]
    RUNDLL32.EXE w30e5c6c.dll,I2 000c0ed2030e5c6c

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wcmdmgr]
    C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
    C:\Program Files\webHancer\Programs\whagent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    C:\Program Files\webHancer\Programs\whsurvey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
    "C:\Program Files\Save\Save.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlog]
    winlog.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wiwk]
    C:\PROGRA~1\FICHIE~1\wiwk\wiwkm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "SymWSC"=2 (0x2)
    "SNDSrvc"=2 (0x2)
    "iPodService"=3 (0x3)
    "Ati HotKey Poller"=2 (0x2)
    "aspnet_state"=3 (0x3)
    "cmdService"=2 (0x2)
    "SAVScan"=3 (0x3)

    R1 SSHDRV85;SSHDRV85;\??\C:\WINDOWS\system32\drivers\SSHDRV85.sys
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
    R3 JL2005;TRUST SPYC@M 100;C:\WINDOWS\system32\Drivers\toywdm.sys
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
    S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
    S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub

    Contents of the 'Scheduled Tasks' folder
    2007-08-20 19:00:00 C:\WINDOWS\Tasks\A9D3D4B891BC4BB8.job - c:\docume~1\hp_pro~1\applic~1\upcorn~1\DEFY MANAGER INTERNET.exe
    2007-07-05 13:48:20 C:\WINDOWS\Tasks\Connexion facile à Internet.job
    2007-08-17 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - MAXIME.job
    2007-08-20 20:35:00 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-20 22:34:30
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-20 22:38:21 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-08-20 22:38

    --- E O F ---
    21 August 2007 14:11:23

    A little patience?

    Can you run a clean scan again with option 1?
    21 August 2007 14:23:04

    Here is the report:

    21/08/2007 a 14:22:31,25

    *** Recherche des fichiers dans C:
    C:\VSL02.exe FOUND

    *** Recherche des fichiers dans C:\WINDOWS\
    C:\WINDOWS\ALCXMNTR.EXE FOUND

    *** Recherche des fichiers dans C:\WINDOWS\system32
    "C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
    "C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND

    *** Recherche des fichiers dans C:\Program Files
    "C:\Program Files\Adverts\" FOUND
    "C:\Program Files\GameHouse\" FOUND
    "C:\Program Files\outlook\" FOUND
    "C:\Program Files\Save\" FOUND
    "C:\Program Files\Viewpoint\" FOUND
    *** Fin du rapport !
    21 August 2007 14:24:27

    Repeat what I said, with clean in option 2.
    21 August 2007 17:49:56

    Here is the report:

    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Script execute en mode sans echec 21/08/2007 a 17:32:12,56

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression des fichiers dans C:
    tentative de suppression de C:\VSL02.exe

    *** Suppression des fichiers dans C:\WINDOWS\
    tentative de suppression de C:\WINDOWS\ALCXMNTR.EXE

    *** Suppression des fichiers dans C:\WINDOWS\system32
    tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
    tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.2"

    *** Suppression des fichiers dans C:\Program Files
    tentative de suppression de "C:\Program Files\Adverts\"
    tentative de suppression de "C:\Program Files\GameHouse\"
    tentative de suppression de "C:\Program Files\outlook\"
    tentative de suppression de "C:\Program Files\Save\"
    tentative de suppression de "C:\Program Files\Viewpoint\"

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !
    21 August 2007 18:15:59

    Post a new HijackThis report.
    21 August 2007 19:43:14

    Here it is:


    Logfile of HijackThis v1.99.1
    Scan saved at 19:42:15, on 21/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\MAXIME.GOMEZ\Mes documents\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ojiuaqzlbobmb.com/PDXq1CiEt9k64_pEN4YEHetBdJ...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetelportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Safe Spam.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [Stupidfind] C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by127fd.bay127.hotmail.msn.com/activex/HMAtchmt....
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://fr.errorsafe.com/pages/scanner_fr/ErrorSafeScann...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

    21 August 2007 20:23:25

    Run a LopResearch scan again.
    21 August 2007 21:23:44

    Here is the report:



    ComboFix 07-08-17.2 - "MAXIME" 2007-08-21 21:11:06.2 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.311 [GMT 2:00]


    ((((((((((((((((((((((((( Files Created from 2007-07-21 to 2007-08-21 )))))))))))))))))))))))))))))))


    2007-08-20 22:09 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-04 22:50 <REP> d-------- C:\DOCUME~1\MAXIME~1.GOM\OngameNetwork
    2007-08-03 13:20 <REP> d-------- C:\Program Files\Up corn
    2007-08-03 13:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\settings blue film frag
    2007-08-03 13:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
    2007-07-25 10:42 <REP> d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
    2007-07-25 10:42 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    2007-07-21 22:10 <REP> d-------- C:\DOCUME~1\HP_PRO~1\Saved Games
    2007-07-21 21:57 <REP> d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\iWin


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-20 08:12 --------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
    2007-08-04 22:34 --------- d-------- C:\Program Files\eMule
    2007-07-23 15:12 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Nokia Multimedia Player
    2007-07-23 12:54 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\AdobeUM
    2007-07-21 21:58 --------- d-------- C:\Program Files\Zylom Games
    2007-07-19 23:05 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Nokia
    2007-07-19 23:05 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Datalayer
    2007-07-19 22:54 --------- d-------- C:\Program Files\Nokia
    2007-07-19 22:54 --------- d-------- C:\Program Files\Fichiers communs\PCSuite
    2007-07-19 22:54 --------- d-------- C:\Program Files\Fichiers communs\Nokia
    2007-07-19 22:54 --------- d-------- C:\Program Files\DIFX
    2007-07-19 22:53 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\PC Suite
    2007-07-06 23:41 --------- d-------- C:\Program Files\VstPlugins
    2007-07-06 23:41 --------- d-------- C:\Program Files\Image-Line
    2007-07-06 23:18 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-05 15:48 --------- d-------- C:\Program Files\Easy Internet signup
    2007-07-02 00:13 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Screenshot Sender
    2007-06-27 03:09 --------- d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-06-26 18:01 --------- d-------- C:\Program Files\MSBuild
    2007-06-26 18:01 --------- d-------- C:\Program Files\Microsoft Works
    2007-06-26 18:00 --------- d-------- C:\Program Files\Microsoft.NET
    2007-06-26 17:57 --------- d-------- C:\Program Files\Microsoft Visual Studio 8
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-25 18:59 --------- d-------- C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\Google
    2007-06-25 18:57 --------- d-------- C:\Program Files\Google
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2006-04-22 12:03 774144 --a------ C:\Program Files\RngInterstitial.dll
    2004-12-27 22:17:16 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
    2005-07-29 14:24:26 472 --sha-r C:\WINDOWS\TmFkaW5lIEdvbWV6\nAI4uqc5KHxSvqpd.vbs


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-06-06 11:15]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-02-03 17:36]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-01-01 18:45]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36]
    "bend logo clock film"="C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Safe Spam.exe" [2007-08-21 17:46]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-05 16:22]
    "Configuration de la C-BOX"="C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe" [2004-12-21 19:17]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-29 00:01]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 15:18]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21]
    "Stupidfind"="C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe" [2007-08-03 13:20]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 06:31:38]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL Tray Icon.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL Tray Icon.lnk
    backup=C:\WINDOWS\pss\AOL Tray Icon.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^E_SPSU01.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\E_SPSU01.lnk
    backup=C:\WINDOWS\pss\E_SPSU01.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
    ALCXMNTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\each stop debug tray]
    C:\Documents and Settings\All Users\Application Data\WARN STUPID EACH STOP\Mpeg Hold.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C62 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O5 "LPT1:" /M "Stylus C62"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3600 Series]
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB002" /M "Stylus CX3600"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
    C:\WINDOWS\system32\hphmon06.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
    c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keyboard]
    C:\windows\keyboard17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mousepad]
    C:\windows\mousepad17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname]
    C:\\newname17.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nosign_JL2005]
    nosign TRUST

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
    C:\WINDOWS\system32\ps2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
    C:\WINDOWS\SMINST\RECGUARD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
    C:\WINDOWS\system32\keyhook.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stupidfind]
    C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfSideKick 3]
    C:\Program Files\SurfSideKick 3\Ssk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\w30e5c6c.dll]
    RUNDLL32.EXE w30e5c6c.dll,I2 000c0ed2030e5c6c

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wcmdmgr]
    C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
    C:\Program Files\webHancer\Programs\whagent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    C:\Program Files\webHancer\Programs\whsurvey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
    "C:\Program Files\Save\Save.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlog]
    winlog.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wiwk]
    C:\PROGRA~1\FICHIE~1\wiwk\wiwkm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "SymWSC"=2 (0x2)
    "SNDSrvc"=2 (0x2)
    "iPodService"=3 (0x3)
    "Ati HotKey Poller"=2 (0x2)
    "aspnet_state"=3 (0x3)
    "cmdService"=2 (0x2)
    "SAVScan"=3 (0x3)

    R1 SSHDRV85;SSHDRV85;\??\C:\WINDOWS\system32\drivers\SSHDRV85.sys
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
    R3 JL2005;TRUST SPYC@M 100;C:\WINDOWS\system32\Drivers\toywdm.sys
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
    S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
    S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub

    Contents of the 'Scheduled Tasks' folder
    2007-08-21 19:00:00 C:\WINDOWS\Tasks\A9D3D4B891BC4BB8.job - c:\docume~1\hp_pro~1\applic~1\upcorn~1\DEFY MANAGER INTERNET.exe
    2007-07-05 13:48:20 C:\WINDOWS\Tasks\Connexion facile à Internet.job
    2007-08-17 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - MAXIME.job
    2007-08-21 19:20:00 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-21 21:19:54
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    **************************************************************************

    Completion time: 2007-08-21 21:21:18
    C:\ComboFix-quarantined-files.txt ... 2007-08-21 21:20
    C:\ComboFix2.txt ... 2007-08-20 22:38

    --- E O F ---
    21 August 2007 21:39:03

    LopResearch, not ComboFix.
    21 August 2007 21:52:59

    Here it is:

    Rapport fait à 21:30:04,84 le 20/08/2007

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 00AE-96FB

    Répertoire de C:\Documents and Settings\Administrateur\Application Data

    18/10/2006 19:36 62 desktop.ini
    18/10/2006 19:36 <REP> Apple Computer
    18/10/2006 19:36 <REP> Identities
    18/10/2006 19:36 <REP> Intervideo
    18/10/2006 19:36 <REP> SampleView
    18/10/2006 19:36 <REP> Microsoft
    18/10/2006 19:36 <REP> Sun
    18/10/2006 19:36 <REP> Symantec
    18/10/2006 19:36 <REP> .
    18/10/2006 19:36 <REP> ..
    1 fichier(s) 62 octets
    9 Rép(s) 19526516736 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 00AE-96FB

    Répertoire de C:\Documents and Settings\All Users\Application Data

    03/08/2007 13:20 <REP> settings blue film frag
    03/08/2007 13:20 <REP> Frag great bend logo
    25/07/2007 10:42 <REP> PlayFirst
    19/07/2007 22:53 <REP> PC Suite
    19/07/2007 22:52 <REP> Downloaded Installations
    26/06/2007 17:35 <REP> Microsoft Help
    03/01/2007 18:29 <REP> Zylom
    15/10/2006 14:18 <REP> Spybot - Search & Destroy
    04/10/2006 20:18 <REP> Google
    31/05/2006 15:26 <REP> UDL
    27/10/2005 20:06 <REP> Windows Genuine Advantage
    06/04/2005 19:44 <REP> Messenger Plus!
    06/04/2005 19:40 <REP> WARN STUPID EACH STOP
    27/12/2004 14:53 <REP> Viewpoint
    27/12/2004 14:51 <REP> AOL
    24/11/2004 01:56 <REP> ..
    24/11/2004 01:56 <REP> .
    01/01/2004 22:04 <REP> Symantec
    01/01/2004 18:57 <REP> Motive
    01/01/2004 18:44 <REP> QuickTime
    01/01/2004 18:44 <REP> Apple Computer
    01/01/2004 18:39 <REP> Adobe
    01/01/2004 18:36 <REP> InterVideo
    01/01/2004 16:51 <REP> Hewlett-Packard
    01/01/2004 16:41 1410 hpzinstall.log
    01/01/2004 15:59 62 desktop.ini
    01/01/2004 15:59 <REP> Microsoft
    01/01/2004 15:11 <REP> SBSI
    2 fichier(s) 1472 octets
    26 Rép(s) 19526512640 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 00AE-96FB

    Répertoire de C:\Documents and Settings\Default User\Application Data

    27/12/2004 14:28 <REP> SampleView
    27/12/2004 14:28 <REP> Apple Computer
    27/12/2004 14:28 <REP> Intervideo
    27/12/2004 14:28 <REP> Sun
    27/12/2004 14:28 <REP> Symantec
    24/11/2004 01:57 <REP> ..
    24/11/2004 01:57 <REP> .
    01/01/2004 15:59 62 desktop.ini
    01/01/2004 15:59 <REP> Microsoft
    01/01/2004 15:06 <REP> Identities
    1 fichier(s) 62 octets
    9 Rép(s) 19526512640 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 00AE-96FB

    Répertoire de C:\Documents and Settings\HP_PropriǸtaire\Application Data

    21/12/2005 19:06 <REP> ..
    21/12/2005 19:06 <REP> Macromedia
    21/12/2005 19:06 <REP> .
    0 fichier(s) 0 octets
    3 Rép(s) 19526512640 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le numéro de série du volume est 00AE-96FB

    Répertoire de C:\Documents and Settings\HP_Propriétaire\Application Data

    25/07/2007 10:42 <REP> PlayFirst
    21/07/2007 21:57 <REP> iWin
    20/07/2007 08:44 <REP> PC Suite
    07/03/2007 16:36 <REP> Gaijin Ent
    22/01/2007 13:05 <REP> Mozilla
    03/01/2007 18:29 <REP> Zylom
    29/10/2006 10:36 <REP> Google
    11/03/2006 17:33 <REP> MSNInstaller
    05/01/2006 12:43 <REP> Help
    31/10/2005 19:13 <REP> EA
    07/09/2005 15:22 <REP> Sonic
    07/09/2005 15:21 <REP> Leadertech
    17/08/2005 22:38 <REP> Wildfire
    17/08/2005 22:27 <REP> ArcSoft
    16/08/2005 10:43 <REP> Up corn
    24/06/2005 00:14 62 desktop.ini
    24/06/2005 00:13 <REP> Apple Computer
    24/06/2005 00:13 <REP> Identities
    24/06/2005 00:13 <REP> Intervideo
    24/06/2005 00:13 <REP> SampleView
    24/06/2005 00:13 <REP> Microsoft
    24/06/2005 00:13 <REP> ..
    24/06/2005 00:13 <REP> .
    24/06/2005 00:13 <REP> Sun
    24/06/2005 00:13 <REP> Symantec
    24/03/2005 09:38 <REP> ubi.com
    09/03/2005 18:52 <REP> Motive
    27/01/2005 21:40 <REP> AdobeUM
    27/01/2005 21:40 <REP> Adobe
    21/01/2005 15:39 <REP> Template
    27/12/2004 15:01 <REP> Macromedia
    27/12/2004 14:54 <REP> AOL
    27/12/2004 14:53 <REP> You've Got Pictures Screensaver
    1 fichier(s) 62 octets
    32 R‚p(s) 19526508544 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME.GOMEZ\Application Data

    19/07/2007 23:05 <REP> Datalayer
    19/07/2007 23:05 <REP> Nokia Multimedia Player
    19/07/2007 23:04 59982 NMM-MetaData.db
    19/07/2007 22:56 <REP> Nokia
    19/07/2007 22:53 <REP> PC Suite
    29/03/2007 19:29 <REP> Musicmatch
    14/03/2007 19:23 <REP> Screenshot Sender
    07/03/2007 18:18 <REP> Xfire
    07/03/2007 18:09 <REP> InstallShield
    25/12/2006 03:49 <REP> LALY2213
    04/11/2006 17:34 <REP> Help
    23/10/2006 13:45 <REP> Smart Panel
    18/10/2006 19:22 98 Sskuknwrd.dll
    18/10/2006 19:16 566229 Sskknwrd.dll
    27/09/2006 18:29 <REP> Google
    25/09/2006 18:15 <REP> Mozilla
    16/09/2006 12:41 <REP> AOL
    16/08/2006 19:47 <REP> teamspeak2
    20/05/2006 11:48 <REP> Okay Thunk
    18/09/2005 00:08 <REP> Sonic
    18/09/2005 00:08 <REP> Leadertech
    31/07/2005 19:01 <REP> La Bataille pour la Terre du Milieu
    02/07/2005 02:07 <REP> ArcSoft
    30/06/2005 19:31 <REP> AdobeUM
    30/06/2005 19:30 <REP> Adobe
    29/06/2005 22:20 <REP> Up corn
    25/06/2005 22:46 <REP> Template
    24/06/2005 00:47 <REP> Macromedia
    24/06/2005 00:21 62 desktop.ini
    24/06/2005 00:21 <REP> Identities
    24/06/2005 00:21 <REP> Apple Computer
    24/06/2005 00:21 <REP> Intervideo
    24/06/2005 00:21 <REP> Microsoft
    24/06/2005 00:21 <REP> SampleView
    24/06/2005 00:21 <REP> ..
    24/06/2005 00:21 <REP> Sun
    24/06/2005 00:21 <REP> .
    24/06/2005 00:21 <REP> Symantec
    4 fichier(s) 626371 octets
    34 R‚p(s) 19526508544 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME~1~GOM

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\WINDOWS\Tasks

    03/08/2007 13:21 304 A9D3D4B891BC4BB8.job
    05/07/2007 15:48 274 Connexion facile … Internet.job
    28/12/2004 17:23 568 Norton AntiVirus - Analyser mon ordinateur - MAXIME.job
    01/01/2004 22:53 65 desktop.ini
    01/01/2004 22:05 426 Symantec NetDetect.job
    01/01/2004 15:08 6 SA.DAT
    01/01/2004 15:04 <REP> ..
    01/01/2004 15:04 <REP> .
    6 fichier(s) 1ÿ643 octets
    2 R‚p(s) 19ÿ526ÿ504ÿ448 octets libres

    ******************************************
    Listing des dossiers dans C:\Program Files

    a2
    a2 Free
    Adobe
    Adverts
    Alcatel
    AOL 9.0
    AOL Toolbar
    ArcSoft
    Ascaron Entertainment
    ATI Technologies
    AtomixMP3
    AvantGo Connect
    BearShare
    BoontyGames
    Broderbund
    Buzz
    Cegetel
    Common Files
    ComPlus Applications
    Cossacks
    Croteam
    DIFX
    Digital Reality
    directx
    DivX
    Doom 3
    EA GAMES
    Easy Internet signup
    EasyPHP1-8
    eMule
    Enlight
    EPSON
    Fichiers communs
    FileZilla
    Fox
    GameHouse
    Gamenext
    GameSpy Arcade
    GIMP-2.0
    Google
    Grisoft
    Help and Support Additions
    Hewlett-Packard
    HP
    Image-Line
    Infogrames
    Internet Explorer
    InterVideo
    iPod
    iTunes
    Java
    Jeskola Buzz
    Learn2.com
    Messenger
    Messenger Plus! 3
    Messenger Plus! Live
    MessengerPlus! 3
    Microsoft ActiveSync
    Microsoft CAPICOM 2.1.0.2
    microsoft frontpage
    Microsoft FrontPage Express
    Microsoft Office
    Microsoft R‚f‚rence
    Microsoft Visual Studio
    Microsoft Visual Studio 8
    Microsoft Works
    Microsoft.NET
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSN
    MSN Gaming Zone
    MSN Messenger
    MSXML 4.0
    MUSICMATCH
    NetMeeting
    Nokia
    Norton AntiVirus
    Norton Personal Firewall
    Nullsoft
    Online Services
    Outlook Express
    PC-Doctor for Windows
    PHILIPS
    PhotoFiltre
    QuickTime
    QuickZip
    Real
    Red Storm Entertainment
    RngInterstitial.dll
    Rockstar Games
    Save
    Services en ligne
    Sierra On-Line
    SinEspias
    SiS VGA Utilities V3.59e
    Smart Panel
    Sonic
    Sonic RecordNow!
    SpeedSim
    Spybot - Search & Destroy
    SPYC@M 100
    Symantec
    SymNetDrv
    Take2
    TechCity Solutions
    THQ
    Trust
    ubi.com
    Ubisoft
    Unreal2
    Up corn
    ViaMichelin
    Viewpoint
    VstPlugins
    WildTangent
    Winamp
    Windows Journal Viewer
    Windows Live
    Windows Media Connect 2
    Windows Media Player
    Windows NT
    WinRAR
    Wolfenstein - Enemy Territory
    Xdgcvn
    xerox
    Yahoo!
    Zylom Games
    ******************************************
    Recherche des dossiers/fichiers LOP

    C:\Program Files\Adverts Présent !
    C:\WINDOWS\tasks\A9D3D4B891BC4BB8.job Présent !
    ******************************************
    Recherche d'infections connues

    Pas d'infection reconnue
    ******************************************
    Vérification du fichier HOSTS

    Fichier Hosts : MODIFIE
    *************** Fin du Rapport - Version 0.9 ****************
    Rapport fait à 21:52:18,18 le 21/08/2007

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

    18/10/2006 19:36 62 desktop.ini
    18/10/2006 19:36 <REP> Apple Computer
    18/10/2006 19:36 <REP> Identities
    18/10/2006 19:36 <REP> Intervideo
    18/10/2006 19:36 <REP> SampleView
    18/10/2006 19:36 <REP> Microsoft
    18/10/2006 19:36 <REP> Sun
    18/10/2006 19:36 <REP> Symantec
    18/10/2006 19:36 <REP> .
    18/10/2006 19:36 <REP> ..
    1 fichier(s) 62 octets
    9 R‚p(s) 20270845952 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\All Users\Application Data

    03/08/2007 13:20 <REP> settings blue film frag
    03/08/2007 13:20 <REP> Frag great bend logo
    25/07/2007 10:42 <REP> PlayFirst
    19/07/2007 22:53 <REP> PC Suite
    19/07/2007 22:52 <REP> Downloaded Installations
    26/06/2007 17:35 <REP> Microsoft Help
    03/01/2007 18:29 <REP> Zylom
    15/10/2006 14:18 <REP> Spybot - Search & Destroy
    04/10/2006 20:18 <REP> Google
    31/05/2006 15:26 <REP> UDL
    27/10/2005 20:06 <REP> Windows Genuine Advantage
    06/04/2005 19:44 <REP> Messenger Plus!
    06/04/2005 19:40 <REP> WARN STUPID EACH STOP
    27/12/2004 14:53 <REP> Viewpoint
    27/12/2004 14:51 <REP> AOL
    24/11/2004 01:56 <REP> ..
    24/11/2004 01:56 <REP> .
    01/01/2004 22:04 <REP> Symantec
    01/01/2004 18:57 <REP> Motive
    01/01/2004 18:44 <REP> QuickTime
    01/01/2004 18:44 <REP> Apple Computer
    01/01/2004 18:39 <REP> Adobe
    01/01/2004 18:36 <REP> InterVideo
    01/01/2004 16:51 <REP> Hewlett-Packard
    01/01/2004 16:41 1410 hpzinstall.log
    01/01/2004 15:59 62 desktop.ini
    01/01/2004 15:59 <REP> Microsoft
    01/01/2004 15:11 <REP> SBSI
    2 fichier(s) 1472 octets
    26 R‚p(s) 20270841856 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\Default User\Application Data

    27/12/2004 14:28 <REP> SampleView
    27/12/2004 14:28 <REP> Apple Computer
    27/12/2004 14:28 <REP> Intervideo
    27/12/2004 14:28 <REP> Sun
    27/12/2004 14:28 <REP> Symantec
    24/11/2004 01:57 <REP> ..
    24/11/2004 01:57 <REP> .
    01/01/2004 15:59 62 desktop.ini
    01/01/2004 15:59 <REP> Microsoft
    01/01/2004 15:06 <REP> Identities
    1 fichier(s) 62 octets
    9 R‚p(s) 20270841856 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\HP_PropriǸtaire\Application Data

    21/12/2005 19:06 <REP> ..
    21/12/2005 19:06 <REP> Macromedia
    21/12/2005 19:06 <REP> .
    0 fichier(s) 0 octets
    3 R‚p(s) 20270850048 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\HP_Propri‚taire\Application Data

    25/07/2007 10:42 <REP> PlayFirst
    21/07/2007 21:57 <REP> iWin
    20/07/2007 08:44 <REP> PC Suite
    07/03/2007 16:36 <REP> Gaijin Ent
    22/01/2007 13:05 <REP> Mozilla
    03/01/2007 18:29 <REP> Zylom
    29/10/2006 10:36 <REP> Google
    11/03/2006 17:33 <REP> MSNInstaller
    05/01/2006 12:43 <REP> Help
    31/10/2005 19:13 <REP> EA
    07/09/2005 15:22 <REP> Sonic
    07/09/2005 15:21 <REP> Leadertech
    17/08/2005 22:38 <REP> Wildfire
    17/08/2005 22:27 <REP> ArcSoft
    16/08/2005 10:43 <REP> Up corn
    24/06/2005 00:14 62 desktop.ini
    24/06/2005 00:13 <REP> Apple Computer
    24/06/2005 00:13 <REP> Identities
    24/06/2005 00:13 <REP> Intervideo
    24/06/2005 00:13 <REP> SampleView
    24/06/2005 00:13 <REP> Microsoft
    24/06/2005 00:13 <REP> ..
    24/06/2005 00:13 <REP> .
    24/06/2005 00:13 <REP> Sun
    24/06/2005 00:13 <REP> Symantec
    24/03/2005 09:38 <REP> ubi.com
    09/03/2005 18:52 <REP> Motive
    27/01/2005 21:40 <REP> AdobeUM
    27/01/2005 21:40 <REP> Adobe
    21/01/2005 15:39 <REP> Template
    27/12/2004 15:01 <REP> Macromedia
    27/12/2004 14:54 <REP> AOL
    27/12/2004 14:53 <REP> You've Got Pictures Screensaver
    1 fichier(s) 62 octets
    32 R‚p(s) 20270850048 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME.GOMEZ\Application Data

    19/07/2007 23:05 <REP> Datalayer
    19/07/2007 23:05 <REP> Nokia Multimedia Player
    19/07/2007 23:04 59982 NMM-MetaData.db
    19/07/2007 22:56 <REP> Nokia
    19/07/2007 22:53 <REP> PC Suite
    29/03/2007 19:29 <REP> Musicmatch
    14/03/2007 19:23 <REP> Screenshot Sender
    07/03/2007 18:18 <REP> Xfire
    07/03/2007 18:09 <REP> InstallShield
    25/12/2006 03:49 <REP> LALY2213
    04/11/2006 17:34 <REP> Help
    23/10/2006 13:45 <REP> Smart Panel
    27/09/2006 18:29 <REP> Google
    25/09/2006 18:15 <REP> Mozilla
    16/09/2006 12:41 <REP> AOL
    16/08/2006 19:47 <REP> teamspeak2
    20/05/2006 11:48 <REP> Okay Thunk
    18/09/2005 00:08 <REP> Sonic
    18/09/2005 00:08 <REP> Leadertech
    31/07/2005 19:01 <REP> La Bataille pour la Terre du Milieu
    02/07/2005 02:07 <REP> ArcSoft
    30/06/2005 19:31 <REP> AdobeUM
    30/06/2005 19:30 <REP> Adobe
    29/06/2005 22:20 <REP> Up corn
    25/06/2005 22:46 <REP> Template
    24/06/2005 00:47 <REP> Macromedia
    24/06/2005 00:21 62 desktop.ini
    24/06/2005 00:21 <REP> Identities
    24/06/2005 00:21 <REP> Apple Computer
    24/06/2005 00:21 <REP> Intervideo
    24/06/2005 00:21 <REP> Microsoft
    24/06/2005 00:21 <REP> SampleView
    24/06/2005 00:21 <REP> Sun
    24/06/2005 00:21 <REP> ..
    24/06/2005 00:21 <REP> .
    24/06/2005 00:21 <REP> Symantec
    2 fichier(s) 60044 octets
    34 R‚p(s) 20270845952 octets libres
    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\Documents and Settings\MAXIME~1~GOM

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C s'appelle HP_PAVILION
    Le num‚ro de s‚rie du volume est 00AE-96FB

    R‚pertoire de C:\WINDOWS\Tasks

    03/08/2007 13:21 304 A9D3D4B891BC4BB8.job
    05/07/2007 15:48 274 Connexion facile … Internet.job
    28/12/2004 17:23 568 Norton AntiVirus - Analyser mon ordinateur - MAXIME.job
    01/01/2004 22:53 65 desktop.ini
    01/01/2004 22:05 426 Symantec NetDetect.job
    01/01/2004 15:08 6 SA.DAT
    01/01/2004 15:04 <REP> ..
    01/01/2004 15:04 <REP> .
    6 fichier(s) 1ÿ643 octets
    2 R‚p(s) 20ÿ270ÿ845ÿ952 octets libres

    ******************************************
    Listing des dossiers dans C:\Program Files

    a2
    a2 Free
    Adobe
    Alcatel
    AOL 9.0
    AOL Toolbar
    ArcSoft
    Ascaron Entertainment
    ATI Technologies
    AtomixMP3
    AvantGo Connect
    BearShare
    BoontyGames
    Broderbund
    Buzz
    Cegetel
    Common Files
    ComPlus Applications
    Cossacks
    Croteam
    DIFX
    Digital Reality
    directx
    DivX
    Doom 3
    EA GAMES
    Easy Internet signup
    EasyPHP1-8
    eMule
    Enlight
    EPSON
    Fichiers communs
    FileZilla
    Fox
    Gamenext
    GameSpy Arcade
    GIMP-2.0
    Google
    Grisoft
    Help and Support Additions
    Hewlett-Packard
    HP
    Image-Line
    Infogrames
    Internet Explorer
    InterVideo
    iPod
    iTunes
    Java
    Jeskola Buzz
    Learn2.com
    Messenger
    Messenger Plus! 3
    Messenger Plus! Live
    MessengerPlus! 3
    Microsoft ActiveSync
    Microsoft CAPICOM 2.1.0.2
    microsoft frontpage
    Microsoft FrontPage Express
    Microsoft Office
    Microsoft R‚f‚rence
    Microsoft Visual Studio
    Microsoft Visual Studio 8
    Microsoft Works
    Microsoft.NET
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSN
    MSN Gaming Zone
    MSN Messenger
    MSXML 4.0
    MUSICMATCH
    NetMeeting
    Nokia
    Norton AntiVirus
    Norton Personal Firewall
    Nullsoft
    Online Services
    Outlook Express
    PC-Doctor for Windows
    PHILIPS
    PhotoFiltre
    QuickTime
    QuickZip
    Real
    Red Storm Entertainment
    RngInterstitial.dll
    Rockstar Games
    Services en ligne
    Sierra On-Line
    SinEspias
    SiS VGA Utilities V3.59e
    Smart Panel
    Sonic
    Sonic RecordNow!
    SpeedSim
    Spybot - Search & Destroy
    SPYC@M 100
    Symantec
    SymNetDrv
    Take2
    TechCity Solutions
    THQ
    Trust
    ubi.com
    Ubisoft
    Unreal2
    Up corn
    ViaMichelin
    VstPlugins
    WildTangent
    Winamp
    Windows Journal Viewer
    Windows Live
    Windows Media Connect 2
    Windows Media Player
    Windows NT
    WinRAR
    Wolfenstein - Enemy Territory
    Xdgcvn
    xerox
    Yahoo!
    Zylom Games
    ******************************************
    Recherche des dossiers/fichiers LOP

    C:\WINDOWS\tasks\A9D3D4B891BC4BB8.job Présent !
    ******************************************
    Recherche d'infections connues

    Pas d'infection reconnue
    ******************************************
    Vérification du fichier HOSTS

    Fichier Hosts : Propre
    *************** Fin du Rapport - Version 0.9 ****************
    21 August 2007 21:59:30

    Hi again,

    Fix the lines in italics below with HijackThis: ILLUSTRATED HELP

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Safe Spam.exe
    O4 - HKCU\..\Run: [Stupidfind] C:\DOCUME~1\MAXIME~1.GOM\APPLIC~1\UPCORN~1\Bore Chin.exe


    &

    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select ALL the locations in bold below:

    C:\Documents and Settings\All Users\Application Data\settings blue film frag
    C:\Documents and Settings\All Users\Application Data\Frag great bend logo
    C:\Documents and Settings\All Users\Application Data\WARN STUPID EACH STOP
    C:\Documents and Settings\MAXIME.GOMEZ\Application Data\Okay Thunk
    C:\Documents and Settings\MAXIME.GOMEZ\Application Data\Up corn
    C:\Program Files\Up corn
    C:\WINDOWS\tasks\A9D3D4B891BC4BB8.job


    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the moment it was created: date_time.log

    ->Information about the software<-
    21 August 2007 22:21:04

    I guess this is the report:


    C:\Documents and Settings\All Users\Application Data\settings blue film frag moved successfully.
    C:\Documents and Settings\All Users\Application Data\Frag great bend logo moved successfully.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\WARN STUPID EACH STOP scheduled to be deleted on reboot.
    C:\Documents and Settings\MAXIME.GOMEZ\Application Data\Okay Thunk moved successfully.
    C:\Documents and Settings\MAXIME.GOMEZ\Application Data\Up corn moved successfully.
    C:\Program Files\Up corn moved successfully.
    C:\WINDOWS\tasks\A9D3D4B891BC4BB8.job moved successfully.

    Created on 08/21/2007 22:07:06
    21 August 2007 22:34:16

    Post a new HijackThis report.
    21 August 2007 22:57:08

    Here it is:

    Logfile of HijackThis v1.99.1
    Scan saved at 22:56:22, on 21/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    c:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
    C:\Documents and Settings\MAXIME.GOMEZ\Mes documents\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.seffysxlporvpaa.net/PDXq1CiEt9k64_pEN4YEHetB...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetelportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by127fd.bay127.hotmail.msn.com/activex/HMAtchmt....
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://fr.errorsafe.com/pages/scanner_fr/ErrorSafeScann...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

    21 August 2007 23:15:33

    Any other questions?
    21 August 2007 23:19:31

    uh, is that it, we're done?!!?
    21 August 2007 23:22:33

    Normally, yes.
    22 August 2007 00:11:32

    cool, and I didn't feel a thing ^^

    Thanks a lot! You're great!
    22 August 2007 13:30:47

    Thanks :jap: