freddo
14 posts
Barrette de RAM
13 November 2010 at 21:22
Good evening, sorry I took a while, but here is the result.
C:\APPS\CLICKME\ClickMe.exe une variante probable de Win32/StartPage.LOLTQON cheval de troie nettoyé par suppression - mis en quarantaine
C:\Documents and Settings\LEI\Bureau\UTILITAIRES\unlocker1.8.7.exe Win32/Adware.ADON application supprimé - mis en quarantaine
C:\Program Files\FindyKill\Tools\Process.exe Win32/PrcView application nettoyé par suppression - mis en quarantaine
C:\Program Files\Unlocker\eBay_shortcuts_1016.exe Win32/Adware.ADON application supprimé - mis en quarantaine
C:\WINDOWS\adobe.bat Win32/Joleee.AI ver nettoyé par suppression - mis en quarantaine
Winx
19817 posts
No-Life
AidoHardware
AidoAntivirus
AidoWindows
14 November 2010 at 11:51
Hi again,
you had FindyKill on your PC; careful, it is a tool that can prove dangerous if misused.
Who asked you to download this tool?
(besides, it was detected as a virus by ESET and has therefore become unusable)
I don't claim to solve the problems, only to help you solve them ;-)
freddo
14 November 2010 at 17:14
I don't remember anymore; I think it was to eradicate a threat, but I'm no longer sure...
Winx
14 November 2010 at 18:19
Hi again,
delete the FindyKill folder manually; in any case it is out of order...
freddo
17 November 2010 at 21:43
Done, but I have just realized that Internet Explorer has the same problem: the window opens by itself more than twenty times in a row, each time in another window... exactly like Firefox, it's enough to drive you crazy...
Winx
18 November 2010 at 09:49
Hello again,
Quote \\ Warning //
/!\ For people with the same or similar problems /!\
This procedure is specific to the PC of the user who started this thread. Reproducing it on another computer could damage the system.
Run this procedure to do a scan with ComboFix, developed by sUBs.
Pay particular attention to installing the console under XP (not under Vista *), at the request of sUBs, the designer of the tool used.
--> click here to carry out the requested procedure
Post the report from C:\Combofix.txt on the forum.
Normally the installation procedure has become automatic... you just need to accept with "yes" when ComboFix asks...
In case of trouble installing the console, under XP only, not under Vista.
See the post by @Synthexe here:
http://www.aidoforum.com/forum/vsujet-271470.html#271470
freddo
21 November 2010 at 22:19
Thanks, here is the report...
ComboFix 10-11-21.01 - LEI 21/11/2010 21:34:19.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.1023.295 [GMT 1:00]
Lancé depuis: c:\documents and settings\LEI\Bureau\UTILITAIRES\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security 2006 *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LEI\Application Data\Microsoft\Internet Explorer\Quick Launch\BitDefender Antivirus Plus v10.lnk
C:\InfoSat.txt
c:\windows\My.ini
c:\windows\patch.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SYSTEMNTMI
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-21 au 2010-11-21 ))))))))))))))))))))))))))))))))))))
.
2010-11-19 23:59 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{57AD8A13-8EF1-47DC-B4A9-52C5B2051323}\mpengine.dll
2010-11-13 14:36 . 2010-11-13 14:36 -------- d-----w- c:\program files\ESET
2010-11-07 17:56 . 2010-11-08 13:57 -------- d-----w- C:\Ad-Remover
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-06 01:31 . 2010-11-06 01:33 -------- d-----w- c:\program files\trend micro
2010-11-06 01:31 . 2010-11-06 01:33 -------- d-----w- C:\rsit
2010-11-06 01:27 . 2010-11-06 01:27 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00068.tmp
2010-11-06 01:26 . 2010-11-06 01:26 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00067.tmp
2010-11-06 01:25 . 2010-11-06 01:25 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00066.tmp
2010-11-06 01:25 . 2010-11-06 01:25 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00065.tmp
2010-11-06 01:22 . 2010-11-06 01:22 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00064.tmp
2010-11-06 01:22 . 2010-11-06 01:22 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00063.tmp
2010-11-06 01:21 . 2010-11-06 01:21 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00062.tmp
2010-11-06 01:17 . 2010-11-06 01:17 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00061.tmp
2010-11-06 01:14 . 2010-11-06 01:14 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00060.tmp
2010-11-06 01:12 . 2010-11-06 01:12 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00059.tmp
2010-11-06 01:11 . 2010-11-06 01:11 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00058.tmp
2010-11-06 01:10 . 2010-11-06 01:10 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00057.tmp
2010-11-06 01:10 . 2010-11-06 01:10 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00056.tmp
2010-11-06 01:10 . 2010-11-06 01:10 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00055.tmp
2010-11-06 01:09 . 2010-11-06 01:09 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00054.tmp
2010-11-06 01:08 . 2010-11-06 01:08 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00053.tmp
2010-11-06 01:08 . 2010-11-06 01:08 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00052.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00051.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00050.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00049.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00048.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00047.tmp
2010-11-06 01:07 . 2010-11-06 01:07 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00046.tmp
2010-11-06 01:06 . 2010-11-06 01:06 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00045.tmp
2010-11-06 01:06 . 2010-11-06 01:06 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00044.tmp
2010-11-06 01:05 . 2010-11-06 01:05 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00043.tmp
2010-11-06 01:05 . 2010-11-06 01:05 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00042.tmp
2010-11-06 01:05 . 2010-11-06 01:05 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00041.tmp
2010-11-06 01:05 . 2010-11-06 01:05 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00040.tmp
2010-11-06 00:52 . 2010-11-06 00:52 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00039.tmp
2010-11-06 00:52 . 2010-11-06 00:52 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00038.tmp
2010-11-06 00:52 . 2010-11-06 00:52 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00037.tmp
2010-11-06 00:51 . 2010-11-06 00:51 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00036.tmp
2010-11-06 00:51 . 2010-11-06 00:51 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00035.tmp
2010-11-06 00:50 . 2010-11-06 00:50 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00034.tmp
2010-11-06 00:50 . 2010-11-06 00:50 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00033.tmp
2010-11-06 00:48 . 2010-11-06 00:48 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00032.tmp
2010-11-06 00:42 . 2010-11-06 00:42 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00031.tmp
2010-11-06 00:42 . 2010-11-06 00:42 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00030.tmp
2010-11-06 00:42 . 2010-11-06 00:42 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00029.tmp
2010-11-06 00:41 . 2010-11-06 00:41 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00028.tmp
2010-11-06 00:41 . 2010-11-06 00:41 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00027.tmp
2010-11-06 00:41 . 2010-11-06 00:41 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00026.tmp
2010-11-06 00:41 . 2010-11-06 00:41 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00025.tmp
2010-11-06 00:41 . 2010-11-06 00:41 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00024.tmp
2010-11-06 00:40 . 2010-11-06 00:40 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00023.tmp
2010-11-06 00:39 . 2010-11-06 00:39 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00022.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00021.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00020.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00019.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00018.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00017.tmp
2010-11-06 00:38 . 2010-11-06 00:38 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00016.tmp
2010-11-06 00:37 . 2010-11-06 00:37 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00015.tmp
2010-11-06 00:37 . 2010-11-06 00:37 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00014.tmp
2010-11-06 00:37 . 2010-11-06 00:37 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00013.tmp
2010-11-06 00:37 . 2010-11-06 00:37 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00012.tmp
2010-11-06 00:36 . 2010-11-06 00:36 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00011.tmp
2010-11-06 00:35 . 2010-11-06 00:35 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00010.tmp
2010-11-06 00:32 . 2010-11-06 00:32 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00009.tmp
2010-11-06 00:32 . 2010-11-06 00:32 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00008.tmp
2010-11-06 00:31 . 2010-11-06 00:31 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00007.tmp
2010-11-06 00:31 . 2010-11-06 00:31 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00006.tmp
2010-11-06 00:30 . 2010-11-06 00:30 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00005.tmp
2010-11-06 00:27 . 2010-11-06 00:27 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00004.tmp
2010-11-06 00:26 . 2010-11-06 00:26 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00003.tmp
2010-11-06 00:22 . 2010-11-06 00:22 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00002.tmp
2010-11-06 00:21 . 2010-11-06 00:21 -------- d-----w- c:\documents and settings\LEI\Application Data\~LM00001.tmp
2010-11-05 21:49 . 2006-08-23 10:24 526184 ----a-w- c:\windows\system32\XceedCry.dll
2010-11-05 21:49 . 2003-12-15 10:23 279392 ----a-w- c:\windows\system32\XceedFtp.dll
2010-11-05 21:48 . 2010-11-06 00:16 -------- d-----w- c:\program files\LMSOFT Web Creator Pro 4
2010-10-29 08:03 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-03-15 12:46 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-07 23:21 . 2009-02-04 13:23 6146896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2005-05-13 16:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 10:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-10-13 20:27 422400 --sha-r- c:\windows\x2.64.exe
2005-10-07 18:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 11:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 14:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 21:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 23:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2005-12-22 19:23 816640 --sha-r- c:\windows\system32\smab.dll
2005-02-28 12:16 240128 --sha-r- c:\windows\system32\x.264.exe
2004-01-24 23:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Google Update"="c:\documents and settings\LEI\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-04 102490]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-04 708698]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 14156800]
"RMC"="c:\windows\system32\drivers\RMC.exe" [2005-03-28 24576]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Microsoft Works Update Detection"="c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 28672]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 339968]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 19968]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Autoconfigurateur WiFi SFR"="c:\program files\SFR\Kit\WiFi\9wifi.exe" [2009-10-15 357696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
c:\documents and settings\LEI\Menu Démarrer\Programmes\Démarrage\
Aide mémoire.lnk - c:\program files\Aide mémoire\TrayIcon.exe [2006-10-19 34816]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\Belkin\Logiciel Bluetooth\BTTray.exe [2005-7-22 577597]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL 9.0 Icône AOL.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL 9.0 Icône AOL.lnk
backup=c:\windows\pss\AOL 9.0 Icône AOL.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL Compagnon.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL Compagnon.lnk
backup=c:\windows\pss\AOL Compagnon.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL Companion.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL Companion.lnk
backup=c:\windows\pss\AOL Companion.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^CONNECTAUTrayApp.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\CONNECTAUTrayApp.lnk
backup=c:\windows\pss\CONNECTAUTrayApp.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Management.lnk]
backup=c:\windows\pss\NDAS Device Management.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CONNECTScheduler]
2006-03-23 01:00 75336 ----a-w- c:\program files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeMem Pro]
2003-06-23 12:01 672256 ----a-w- c:\documents and settings\LEI\Bureau\PROGRAMMES\FreeMem Professional\fmempro.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-05 13:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-11-07 09:50 19968 ----a-w- c:\windows\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRO Landscape Dashboard]
2005-03-08 05:03 3588096 ----a-w- c:\program files\Drafix\PRO Landscape\PRO Landscape Dashboard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
2004-01-26 09:38 866816 ----a-w- c:\program files\Thomson\SpeedTouch USB\dragdiag.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-04-14 16:09 202256 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"_IOMEGA_ACTIVE_DISK_SERVICE_"=2 (0x2)
"McComponentHostService"=3 (0x3)
"Iomega App Services"=2 (0x2)
"gupdate"=2 (0x2)
"CarryLaunch"=2 (0x2)
"Autodesk Licensing Service"=3 (0x3)
"AOL ACS"=2 (0x2)
"OutpostFirewall"=2 (0x2)
"gusvc"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AOLDialer"=c:\program files\Fichiers communs\AOL\ACS\AOLDial.exe
"AOLSAV"=c:\progra~1\TECHCI~1\AOLSAV\AOLAgent.exe
"eTrustPPAP"="c:\program files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
"HostManager"=c:\program files\Fichiers communs\AOL\1227058387\ee\AOLSoftware.exe
"ADUserMon"=c:\program files\Iomega\AutoDisk\ADUserMon.exe
"Iomega Drive Icons"=c:\program files\Iomega\DriveIcons\ImgIcon.exe
"MobileConnect"=%programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\APPS\\Inventime\\my.exe"=
"c:\\Program Files\\Sony\\CONNECT Player\\tinyhttp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\LEI\\Bureau\\WWW\\Emule Evolution v2 0.47A Highspeed Leecher\\eMule_Evolution_V2_0.47a_highspeed_leecher\\emule.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\1227058387\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\adslTV\\VLC\\vlc.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8788:TCP"= 8788:TCP:mumu
"12224:UDP"= 12224:UDP:mumu
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26/04/2010 20:35 691696]
R1 ndasfat;NDAS FAT;c:\windows\system32\drivers\ndasfat.sys [27/09/2007 22:47 372584]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [17/08/2010 01:12 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21/06/2008 03:54 66600]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/02/2010 00:05 108289]
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [01/01/1980 13912]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [20/06/2007 15:55 14976]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31/10/2008 06:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31/10/2008 06:24 1365288]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [04/07/2008 12:52 14336]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [17/08/2010 01:12 65576]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [17/11/2005 09:59 226768]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [01/01/1980 28160]
S0 ati1agxx;ati1agxx; [x]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/04/2010 21:08 136176]
S3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [27/06/2006 14:12 36256]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys --> c:\windows\system32\Drivers\gHidPnp.Sys [?]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys --> c:\windows\system32\DRIVERS\gMouUsb.sys [?]
S4 CarryLaunch;Carry it Easy Launcher;c:\windows\system32\CarryLaunch.exe [27/07/2009 20:41 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenu du dossier 'Tâches planifiées'
2010-11-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-05 17:05]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 20:08]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 20:08]
2010-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3338585933-1451186106-3848156146-1006Core.job
- c:\documents and settings\LEI\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-04 05:13]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3338585933-1451186106-3848156146-1006UA.job
- c:\documents and settings\LEI\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-04 05:13]
2006-02-02 c:\windows\Tasks\HDReg.job
- c:\apps\HDReg\HDRegRem.exe [2005-11-17 10:14]
2010-11-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
2006-02-02 c:\windows\Tasks\Rappel d'enregistrement 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-16 13:00]
2010-11-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3338585933-1451186106-3848156146-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2010-11-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3338585933-1451186106-3848156146-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
.
------- Examen supplémentaire -------
.
IE: &Recherche AOL Toolbar - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Envoyer à &Bluetooth - c:\program files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - eBay France
FF - prefs.js: browser.startup.homepage - hxxp://www.sfr.fr/mobile-adsl/?sfrcpid=t1_marque_sfr_goog&s_kwcid=TC
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\LEI\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Associations de fichier -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-E06FXLRD_1303859 - c:\program files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE
HKLM-Run-ioCentre - c:\genius\ioCentre\gTaskBar.exe
MSConfigStartUp-E06FXLRD_1303859 - c:\program files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE
MSConfigStartUp-E06FXLRD_327921 - c:\program files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-21 21:54
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-3338585933-1451186106-3848156146-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1344)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL
- - - - - - - > 'explorer.exe'(2780)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\NDAS\System\ndassvc.exe
c:\windows\system32\slserv.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\wanmpsvc.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\RTHDCPL.EXE
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
.
**************************************************************************
.
Heure de fin: 2010-11-21 22:11:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-21 21:11
Avant-CF: 10 986 483 712 octets libres
Après-CF: 11 033 554 944 octets libres
- - End Of File - - 0A3BED91BB6290F6601E47486AC10661
Winx
19817 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
22 November 2010 at 12:48
re,
perfect, good work
run a quick online scan with Bitdefender
go to this link
In the window, start the BitDefender QuickScan
When the scan finishes, click on Afficher le journal (show the log) and post the report for me
freddo
14 messages
Barrette de RAM
2 December 2010 at 15:34
Hello, sorry, I took a while to run this scan, but here are the results that Bitdefender displays.. have a good day...
QuickScan Beta 32-bit v0.9.9.52
-------------------------------
Date de l'analyse : Thu Dec 02 15:31:56 2010
ID de la machine : E68F24
Aucune infection détectée.
--------------------------
Processus
---------
America Online 400 C:\WINDOWS\wanmpsvc.exe
AntiVir Desktop 3388 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
AntiVir Desktop 1256 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
AntiVir Desktop 884 C:\Program Files\Avira\AntiVir Desktop\sched.exe
ATI Desktop Component 3268 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATI External Event Utility for WindowsN 1260 C:\WINDOWS\system32\ati2evxx.exe
ATI External Event Utility for WindowsN 1600 C:\WINDOWS\system32\ati2evxx.exe
Bluetooth Software 4.0.1.2500 1484 C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
Bluetooth Software 4.0.1.2500 3748 C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
CLCapSvc Module 1548 C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
CLSched Module 696 C:\APPS\Powercinema\Kernel\TV\CLSched.exe
Cyberlink Media Library Server 1756 C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
Cyberlink MediaLibrary NT Service 1772 C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
Cyberlink PowerCinema 3184 C:\APPS\Powercinema\PCMService.exe
Firefox 3196 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 4056 C:\Program Files\Mozilla Firefox\plugin-container.exe
HidService.exe 1792 C:\APPS\HIDSERVICE\HidService.exe
Java(TM) Platform SE 6 U22 2012 C:\Program Files\Java\jre6\bin\jqs.exe
Java(TM) Platform SE Auto Updater 2 0 3368 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
Kit de connexion neufbox 3564 C:\Program Files\SFR\Kit\9props.exe
Kit de connexion neufbox 3404 C:\Program Files\SFR\Kit\WiFi\9wifi.exe
Microsoft ActiveSync 3460 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
Microsoft ActiveSync 3684 C:\PROGRA~1\MI3AA1~1\rapimgr.exe
Microsoft® Windows® Operating System 3324 C:\WINDOWS\system32\alg.exe
Microsoft® Windows® Operating System 1300 C:\WINDOWS\system32\csrss.exe
Microsoft® Windows® Operating System 1408 C:\WINDOWS\system32\lsass.exe
Microsoft® Windows® Operating System 836 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 352 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1980 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 492 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1616 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 2016 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1064 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1704 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 256 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 2996 C:\WINDOWS\system32\wscntfy.exe
Microsoft® Windows® Operating System 3872 C:\WINDOWS\system32\wuauclt.exe
Modem 1128 C:\WINDOWS\system32\slserv.exe
MouseWare 3276 C:\WINDOWS\LOGI_MWX.EXE
NDAS® Software 480 C:\Program Files\NDAS\System\ndassvc.exe
Nero Home 3496 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
Realtek HD Audio Sound Effect Manager 3080 C:\WINDOWS\RTHDCPL.EXE
RMC Application 3088 C:\WINDOWS\system32\drivers\RMC.exe
Sunbelt Personal Firewall 2844 C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
Sunbelt Personal Firewall 560 C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
Sunbelt Personal Firewall 1072 C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
Synaptics Pointing Device Driver 3072 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics Pointing Device Driver 3060 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Système d'exploitation Microsoft® Windo 2172 C:\WINDOWS\explorer.exe
Système d'exploitation Microsoft® Windo 1396 C:\WINDOWS\system32\services.exe
Système d'exploitation Microsoft® Windo 1184 C:\WINDOWS\system32\smss.exe
Système d'exploitation Microsoft® Windo 3704 C:\WINDOWS\system32\taskmgr.exe
Système d'exploitation Microsoft® Windo 2168 C:\WINDOWS\system32\wbem\wmiapsrv.exe
Système d'exploitation Microsoft® Windo 1352 C:\WINDOWS\system32\winlogon.exe
Update Detection Module 3236 C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
Vodafone Mobile Connect 916 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
Windows Defender 1924 C:\Program Files\Windows Defender\MsMpEng.exe
Yahoo! Widgets 3772 C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
Yahoo! Widgets 4040 C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
Yahoo! Widgets 4084 C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
Activité du réseau
------------------
Processus firefox.exe (3196) connecté sur le port 80 (HTTP) --> 69.63.190.18
Processus firefox.exe (3196) connecté sur le port 80 (HTTP) --> 88.221.197.115
Processus firefox.exe (3196) connecté sur le port 80 (HTTP) --> 209.85.146.113
Processus firefox.exe (3196) connecté sur le port 80 (HTTP) --> 69.63.190.18
Processus SbPFSvc.exe (1072) écoute sur les ports: 44334, 44501
Processus svchost.exe (1704) écoute sur les ports: 135 (RPC)
Processus CLMLService.exe (1772) écoute sur les ports: 62817
Processus SbPFCl.exe (2844) écoute sur les ports: 1031
Processus rapimgr.exe (3684) écoute sur les ports: 990 (FTP over SSL)
Fichiers critiques et Autorun
-----------------------------
Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
Adobe Reader and Acrobat Manager C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
Ahead Software Gmbh NeroCheck C:\WINDOWS\system32\NeroCheck.exe
AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
ATI Desktop Component C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ATI External Event Utility for NT, W2K C:\WINDOWS\system32\ati2evxx.dll
Cyberlink PowerCinema C:\APPS\Powercinema\PCMService.exe
Google Update C:\Documents and Settings\LEI\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
Google Updater C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
HDRegRem.exe c:\Apps\HDReg\HDRegRem.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
Kit de connexion neufbox C:\Program Files\SFR\Kit\9props.exe
Kit de connexion neufbox C:\Program Files\SFR\Kit\WiFi\9wifi.exe
Microsoft ActiveSync C:\Program Files\Microsoft ActiveSync\wcescomm.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\HDAShCut.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
MouseWare C:\WINDOWS\LOGI_MWX.EXE
Nero Home C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE
RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe
RMC Application C:\WINDOWS\system32\drivers\RMC.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\OOBE\oobebaln.exe
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll
Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll
TeaTimer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Update Detection Module C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
Windows Defender C:\Program Files\Windows Defender\MpCmdRun.exe
Windows Defender c:\program files\windows defender\mpshhook.dll
Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
Yahoo! Widgets C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
新注音 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
Plugins du navigateur
---------------------
AcroIEHelperShim Library c:\program files\fichiers communs\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
Aide à la navigation SFR c:\program files\sfr\kit\sfrnaverrorhelper.dll
BitDefender QuickScan C:\Documents and Settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
BitDefender QuickScan C:\Documents and Settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
DivX Player Netscape Plugin C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
DivX® Web Player C:\Program Files\DivX\DivX Web Player\npdivx32.dll
ECOM Loader C:\WINDOWS\Downloaded Program Files\ecmldr32.dll
ECOM Server C:\WINDOWS\Downloaded Program Files\ecmsvr32.dll
F-Secure Corporation daas C:\WINDOWS\Downloaded Program Files\daas_s.dll
F-Secure Online Scanner C:\WINDOWS\Downloaded Program Files\fscax.dll
FS bwcli C:\WINDOWS\Downloaded Program Files\fsauc.dll
getPlusPlus for Adobe 16263 C:\Documents and Settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
getPlusPlus for Adobe 16263 C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Google Update C:\Documents and Settings\LEI\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
Google Update C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
Google Updater C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
GoogleToolbarNotifier c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
i-drop control C:\WINDOWS\Downloaded Program Files\IDrop.ocx
i-drop control C:\WINDOWS\Downloaded Program Files\IDropENU.dll
i-drop control C:\WINDOWS\Downloaded Program Files\IDropFRA.dll
IE Toolbar c:\program files\aol toolbar\toolbar.dll
InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
Java Deployment Toolkit 6.0.220.4 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java(TM) Platform SE 6 U22 c:\program files\java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U22 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java(TM) Platform SE 6 U22 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows Live OneCare C:\WINDOWS\Downloaded Program Files\wlscBase.dll
Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
NAVAPI C:\WINDOWS\Downloaded Program Files\navapi32.dll
nppdf32.FRA C:\Program Files\Internet Explorer\plugins\nppdf32.FRA
nppdf32.FRA C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
npPhotosynthMozilla.dll C:\Program Files\Photosynth\npPhotosynthMozilla.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
RealJukebox NS Plugin c:\program files\real\realplayer\Netscape6\nprjplug.dll
RealPlayer Download and Record Plugin c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
RealPlayer Version Plugin c:\program files\real\realplayer\Netscape6\nprpjplug.dll
RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
RealPlayer(tm) G2 LiveConnect-Enabled P c:\program files\real\realplayer\Netscape6\nppl3260.dll
RealPlayer(tm) HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
sdhelper.dll c:\program files\spybot - search & destroy\sdhelper.dll
Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
Software Manager C:\WINDOWS\Downloaded Program Files\isusweb.dll
Symantec Antivirus Engine C:\WINDOWS\Downloaded Program Files\naveng32.dll
Symantec Antivirus Engine C:\WINDOWS\Downloaded Program Files\navex32a.dll
Symantec Security Check C:\WINDOWS\Downloaded Program Files\avsniff.dll
Symantec Security Check C:\WINDOWS\Downloaded Program Files\rufsi.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll
Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll
TODO: <Product name> C:\Documents and Settings\LEI\Application Data\Mozilla\Firefox\Profiles\vnar10iu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
TODO: <Product name> C:\WINDOWS\Downloaded Program Files\avsniffdlgs.dll
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Yahoo! activeX Plug-in Bridge C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
Yahoo! Single Instance for Mail c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll
Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn\yt.dll
Fichiers manquants
------------------
Fichier non trouvé :
--> HKLM\System\ControlSet001\services\Iomega Activity Disk2\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS
--> HKLM\System\ControlSet001\services\VFILT\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\ADBLOCK.DLL
--> HKLM\System\ControlSet001\services\ADBLOCK.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\CONTENT.DLL
--> HKLM\System\ControlSet001\services\CONTENT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\DNSCACHE.DLL
--> HKLM\System\ControlSet001\services\DNSCACHE.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\FTPFILT.DLL
--> HKLM\System\ControlSet001\services\FTPFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTMLFILT.DLL
--> HKLM\System\ControlSet001\services\HTMLFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTTPFILT.DLL
--> HKLM\System\ControlSet001\services\HTTPFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\IMAPFILT.DLL
--> HKLM\System\ControlSet001\services\IMAPFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\MAILFILT.DLL
--> HKLM\System\ControlSet001\services\MAILFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\NNTPFILT.DLL
--> HKLM\System\ControlSet001\services\NNTPFILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\POP3FILT.DLL
--> HKLM\System\ControlSet001\services\POP3FILT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\PROTECT.DLL
--> HKLM\System\ControlSet001\services\PROTECT.DLL\"ImagePath"
Fichier non trouvé : C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /service
--> HKLM\System\ControlSet001\services\OutpostFirewall\"ImagePath"
Fichier non trouvé : C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
--> HKLM\System\ControlSet001\services\EraserUtilRebootDrv\"ImagePath"
Fichier non trouvé : C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"E06FXLRD_1303859"
Fichier non trouvé : C:\Program Files\Spyware Terminator\sp_rsser.exe
--> HKLM\System\ControlSet001\services\sp_rssrv\"ImagePath"
Fichier non trouvé : C:\WINDOWS\System32\appmgmts.dll
--> HKLM\System\ControlSet001\services\AppMgmt\Parameters\"ServiceDll"
Fichier non trouvé : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
--> HKLM\System\ControlSet001\services\sp_rsdrv2\"ImagePath"
Fichier non trouvé : System32\Drivers\Pcouffin.sys
--> HKLM\System\ControlSet001\services\Pcouffin\"ImagePath"
Fichier non trouvé : System32\Drivers\gHidPnp.Sys
--> HKLM\System\ControlSet001\services\gHidPnp\"ImagePath"
Fichier non trouvé : system32\DRIVERS\gMouUsb.sys
--> HKLM\System\ControlSet001\services\gMouUsb\"ImagePath"
Fichier non trouvé : system32\drivers\InCDFs.sys
--> HKLM\System\ControlSet001\services\InCDFs\"ImagePath"
Fichier non trouvé : system32\drivers\InCDPass.sys
--> HKLM\System\ControlSet001\services\InCDPass\"ImagePath"
Fichier non trouvé : system32\drivers\InCDRm.sys
--> HKLM\System\ControlSet001\services\InCDRm\"ImagePath"
Analyse
-------
Aucun fichier téléchargé vers le serveur.
Analyse terminée - la communication a duré 3 secondes
Trafic total - 0.08 Mo envoyés, 3.22 Ko reçus
1463 fichiers et modules analysés - 124 seconds
==============================================================================
Winx
19817 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
2 December 2010, 17:39
Hi again,
Well, are you still having problems? The report looks clean...
I don't claim to solve problems, only to help you solve them ;-)

freddo
14 messages
Barrette de RAM
3 December 2010, 12:16

Winx
19817 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
3 December 2010, 12:18
Hi again,
Good news, let us know if it starts again...
but avoid Internet Explorer for going online

freddo
14 messages
Barrette de RAM
9 December 2010, 17:15
Yes, that's true. In any case I switched to Firefox months ago and I don't regret it, especially in terms of ease of use. Anyway, thanks again for your help, because everything seems to be working normally now. All the best, and thank you.

Winx
19817 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
9 December 2010, 17:30
Hi again,
That looks right to me:
Let's clean up the tools that were installed
===================================
Download OTCleanIt by OldTimer.
-->OTMoveIt3 source download here
[*]Run OTCleanIt.exe. (Note: if you are using Vista, right-click the file and choose Run as administrator.)
[*]Click CleanUp! (in this new version, the program no longer downloads a file over the Internet; it is included in the tool)
NOTE:
[*]A list appears in the left-hand part of OTmoveIT.
[*]A message appears in the centre to confirm the cleanup. Confirm with Yes.