mayasun

--- 8 août à 20h38 --- bonsoir, je pense avoir un virus ou autre voila mon adresse hotmail a ete piratee j ai fais un scan avec malwarebit negatif avast n ouvre pas certain fichiers ''l archive est protegee par un mot de passe'' j ai essaye ubs fix voila le rapport ############################## | UsbFix V 7.094 | [Recherche] Utilisateur: Martine (Administrateur) # MARTINE-PC Mis à jour le 20/07/2012 par El Desaparecido Lancé à 21:35:10 | 07/08/2012 Site Web: http://eldesaparecido.com Forum: http://forum.eldesaparecido.com Fichier suspect ? : http://eldesaparecido.com/upload.php Contact: [email protected] PC: ASUSTeK Computer Inc. (K54LY) (x64-based PC) # Notebook CPU: Intel® Core i3-2330M CPU @ 2.20GHz (2200) RAM -> [Total : 4072 | Free : 2403] BIOS: BIOS Date: 12/21/11 21:25:43 Ver: 04.06.03 BOOT: Normal boot OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: Avira Desktop [(!) Disabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 238 Go (161 Go libre(s) - 68%) [OS] # NTFS D:\ -> Disque fixe # 333 Go (306 Go libre(s) - 92%) [DATA] # NTFS E:\ -> CD-ROM ################## | Processus Actif | C:\Windows\system32\csrss.exe (460) C:\Windows\system32\wininit.exe (536) C:\Windows\system32\csrss.exe (564) C:\Windows\system32\services.exe (604) C:\Windows\system32\lsass.exe (624) C:\Windows\system32\lsm.exe (632) C:\Windows\system32\winlogon.exe (684) C:\Windows\system32\svchost.exe (768) C:\Windows\system32\svchost.exe (860) C:\Windows\system32\atiesrxx.exe (920) C:\Windows\System32\svchost.exe (992) C:\Windows\System32\svchost.exe (120) C:\Windows\system32\svchost.exe (352) C:\Windows\system32\svchost.exe (552) C:\Windows\system32\svchost.exe (1112) C:\Windows\system32\FBAgent.exe (1208) C:\Windows\system32\WLANExt.exe (1232) C:\Windows\system32\conhost.exe (1256) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1268) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1316) C:\Windows\System32\spoolsv.exe (1420) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1464) C:\Windows\system32\svchost.exe (1524) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1640) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (1712) C:\Windows\system32\svchost.exe (1788) C:\Windows\system32\svchost.exe (1840) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1904) C:\Windows\system32\atieclxx.exe (2012) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (1664) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (2268) C:\Windows\system32\taskhost.exe (2296) C:\Windows\system32\taskeng.exe (2336) C:\Program Files\P4G\BatteryLife.exe (2404) C:\Windows\system32\Dwm.exe (2436) C:\Windows\system32\taskeng.exe (2468) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (2564) C:\Windows\Explorer.EXE (2596) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (2616) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (2676) C:\Windows\SysWOW64\ACEngSvr.exe (2756) C:\Program Files\Elantech\ETDCtrl.exe (3056) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (3068) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2064) C:\Program Files\Windows Sidebar\sidebar.exe (2228) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (2236) C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (2384) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (2816) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (2924) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (2864) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (2184) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (2232) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (3076) C:\Windows\AsScrPro.exe (3084) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3136) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (3208) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3356) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (3872) C:\Windows\system32\conhost.exe (3884) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (3916) C:\Windows\system32\SearchIndexer.exe (3116) C:\Windows\system32\svchost.exe (2168) C:\Program Files\Windows Media Player\wmpnetwk.exe (4352) C:\Program Files\Elantech\ETDCtrlHelper.exe (4404) C:\Windows\System32\svchost.exe (4588) C:\Windows\system32\DllHost.exe (5112) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (3732) C:\Windows\System32\svchost.exe (3652) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4916) C:\Windows\system32\svchost.exe (2432) C:\UsbFix\Go.exe (9524) C:\Windows\system32\wbem\wmiprvse.exe (7636) c:\program files\windows defender\MpCmdRun.exe (2040) ################## | Éléments infectieux | ################## | Registre | ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F | merci de m apporter votre aide, je suis plutot debutante , martine --- 8 août à 20h51 --- j ai aussi ce rapport: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:50:59, on 8/08/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe C:\Users\Martine\Downloads\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=Userinit.exe, O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CyberLink Product - 2011/10/14 10:07:51 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23776 bytes merci a vous -édit- Dans cette section, il ne faut pas multiplier les messages dans ton sujet avant d'avoir été pris en charge : au vu de la présence d'une « réponse », les helpers ne s'y intéresseront pas, croyant le problème pris en mains par l'un des leurs. Utilise plutôt le bouton « Modifier » situé en bas à droite de ton premier message… ok pouvez vous m aider j ai peut etre eu tord d envoyer tout ce que j ai fais en fait je n y comprend rien , et toujours plus de messagerie perdu tout mes contacts important PERSONNE n a un avis ? mon pc est il fiable ? --- 9 août à 10h03 --- bonjour, j espere poster au bon androit cette fois , voila j ai l impression d avoir un virus ma boite hotmail a ete piratee plus possible d y acceder malgres les demandes chez micrisoft avast n a pas su scanner des tas de fichiers( erreur proteges par un mot de passe, malwarebites est negatif merci de me conseiller

bonjour, j ai peur d etre infecte ,le probleme vient de ma webcam qui s allume dès que je vais sur mozilla, j ai passe l anti virus rien puis malwarebyte et spybot n on rien detecte, voila comment je peux savoir d ou vient le probleme, merci pour vos conseils Martine

bonjour, depuis quelques jours firefox plante ou met plus de temps pour s ouvrir, j ai fait un nettoyage avec c claener + malwarebyte et spybot , voila le rapport hijackthys merci de m aider y a t il un probleme sur mon pc portable : windows a ete installe depuis peu Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:22:42, on 01/03/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\Splendid\ACMON.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\ASUS\ATK Media\DMEDIA.EXE C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ACEngSvr.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Apoint2K\Apvfb.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\StkCSrv.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe" O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe" O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\martine\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296415602405 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1296415945905 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe -- End of file - 7804 bytes cordialement

mon pc se porte bien.. impec , j avais malwarebytes ,je viens de faire un scan , plus rien n apparait et la je n avais plus telecharge de cracks depuis que j ai fais cette betise il y a deja un moment je pensais avoir tout nettoye, mon conjoint qui se sert du pc me certifie n avoir fait que surfer je vais desinstaller antivir( gratuit) et reinstaller nod32 kerio est mieux que zone alarm ?

voila j ai effectue ca qui est indique JavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Fri Jan 23 16:45:06 2009 Found and removed: C:\Program Files\Java\jre1.6.0_07 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. je pensais que nod32 etait efficace il a une bonne renommee apparemment je me trompe je viens de renouveler ma licence je suis decue encore merci pour le travail martine

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:44:14, on 22/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\HP\Digital Imaging\Bin\hpqSTE08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED FREE\a2service.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe -- End of file - 7587 bytes

ComboFix 09-01-21.04 - Martine 2009-01-22 20:05:20.5 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.991.622 [GMT 1:00] Lancé depuis: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\CFScript.txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) * Un nouveau point de restauration a été créé FILE :: c:\windows\system32\winupgro.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\winupgro.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 )))))))))))))))))))))))))))))))))))) . 2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\program files\Avira 2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avira 2009-01-21 15:48 . 2009-01-21 18:49 <REP> d--h----- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys 2009-01-03 11:21 . 2009-01-03 11:21 <REP> d-------- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\dvdcss . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-21 16:18 --------- d-----w c:\program files\ESET 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-05 14:42 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-12-03 12:59 --------- d-----w c:\program files\Java 2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll 2008-10-30 15:50 339,968 ----a-w c:\windows\system32\pythoncom25.dll 2008-10-30 15:50 2,117,632 ----a-w c:\windows\system32\python25.dll 2008-10-30 15:50 114,688 ----a-w c:\windows\system32\pywintypes25.dll 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll 2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll 2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll 2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2004-07-22 08:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB 2004-07-19 20:58 1,156,363 ----a-w c:\program files\BDANT.cab 2004-07-19 20:53 976,020 ----a-w c:\program files\BDAXP.cab 2004-07-09 12:17 13,265,040 ----a-w c:\program files\dxnt.cab 2004-07-09 07:13 703,080 ----a-w c:\program files\BDA.cab 2004-07-09 07:13 15,493,481 ----a-w c:\program files\DirectX.cab 2004-07-09 02:08 472,576 ----a-w c:\program files\dxsetup.exe 2004-07-09 02:08 2,242,560 ----a-w c:\program files\dsetup32.dll 2004-07-09 01:03 62,976 ----a-w c:\program files\DSETUP.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016] "IntelliType"="c:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "SiSPower"="SiSPower.dll" [2007-04-10 c:\windows\system32\SiSPower.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-10-25 262144] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "f:\\eMule\\emule.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016] . Contenu du dossier 'Tâches planifiées' 2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://fr.yahoo.com/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-22 20:05:59 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Heure de fin: 2009-01-22 20:07:06 ComboFix-quarantined-files.txt 2009-01-22 19:07:04 ComboFix2.txt 2009-01-22 16:29:02 ComboFix3.txt 2009-01-22 08:49:25 Avant-CF: 34.794.860.544 octets libres Après-CF: 34,801,180,672 octets libres 121 --- E O F --- 2009-01-14 17:03:43

ok merci , ComboFix 09-01-21.04 - Martine 2009-01-22 17:26:17.4 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.991.638 [GMT 1:00] Lancé depuis: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\ComboFix.exe AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) * Un nouveau point de restauration a été créé . ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 )))))))))))))))))))))))))))))))))))) . 2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\program files\Avira 2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avira 2009-01-21 17:22 . 2009-01-21 17:22 3,588 --------- c:\windows\system32\winupgro.exe 2009-01-21 15:48 . 2009-01-21 18:49 <REP> d--h----- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys 2009-01-03 11:21 . 2009-01-03 11:21 <REP> d-------- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\dvdcss . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-21 16:18 --------- d-----w c:\program files\ESET 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-05 14:42 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-12-03 12:59 --------- d-----w c:\program files\Java 2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll 2008-10-30 15:50 339,968 ----a-w c:\windows\system32\pythoncom25.dll 2008-10-30 15:50 2,117,632 ----a-w c:\windows\system32\python25.dll 2008-10-30 15:50 114,688 ----a-w c:\windows\system32\pywintypes25.dll 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll 2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll 2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll 2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2004-07-22 08:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB 2004-07-19 20:58 1,156,363 ----a-w c:\program files\BDANT.cab 2004-07-19 20:53 976,020 ----a-w c:\program files\BDAXP.cab 2004-07-09 12:17 13,265,040 ----a-w c:\program files\dxnt.cab 2004-07-09 07:13 703,080 ----a-w c:\program files\BDA.cab 2004-07-09 07:13 15,493,481 ----a-w c:\program files\DirectX.cab 2004-07-09 02:08 472,576 ----a-w c:\program files\dxsetup.exe 2004-07-09 02:08 2,242,560 ----a-w c:\program files\dsetup32.dll 2004-07-09 01:03 62,976 ----a-w c:\program files\DSETUP.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016] "IntelliType"="c:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "SiSPower"="SiSPower.dll" [2007-04-10 c:\windows\system32\SiSPower.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-10-25 262144] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "f:\\eMule\\emule.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016] . Contenu du dossier 'Tâches planifiées' 2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://fr.yahoo.com/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-22 17:27:49 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Heure de fin: 2009-01-22 17:29:01 ComboFix-quarantined-files.txt 2009-01-22 16:28:59 ComboFix2.txt 2009-01-22 08:49:25 Avant-CF: 34.840.920.064 octets libres Après-CF: 34,841,350,144 octets libres 114 --- E O F --- 2009-01-14 17:03:43

il y a une fenetre combofix ne trouve pas 32788r22fw5fw\nircmd je n ai pourtant plus telecharge de crakcs depuis que j ai ete infecte il y a quelques mois, je me demande comment bagle est revenu

bonsoir, je viens de faire ce qui est indique il y a un probleme ,conbofix m indique qu il y a une nouvelle version et puis j ai un son '''' tiiiiipp , il est renomme' badabom' ca n est pas la cause ?

ComboFix 09-01-20.05 - Martine 2009-01-21 18:47:53.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.991.716 [GMT 1:00] Lancé depuis: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\badabom.exe * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\113109.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\113265.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\120343.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\121765.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\121796.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\130687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\132125.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\132421.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\137312.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\137687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\137703.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\139531.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\140093.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\140515.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\140531.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\140796.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\142500.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\143015.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\145062.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\146031.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\148984.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\150250.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\150312.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\151093.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\151953.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\152500.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\152875.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\153890.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\155109.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\155468.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\156109.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\156640.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\156843.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\157250.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\157406.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\157500.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\159703.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\160265.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\160281.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\168609.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\169546.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\169906.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\170578.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\171421.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\172140.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\176984.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\177937.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\178421.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\182687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\183328.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\183359.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\183640.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\188671.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\188718.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\189359.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\189390.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\189828.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\192875.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\193625.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\196671.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\198281.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\198750.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\199421.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\199890.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\199968.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\200328.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\200390.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\201343.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\206750.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\209546.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\209578.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\213859.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\217593.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\218062.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\218328.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\232453.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\232921.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\232968.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\233265.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\236265.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\236843.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\243031.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\243656.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\244562.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\245234.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\246218.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\246765.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\247125.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\248359.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\251703.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\253109.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\253625.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\253875.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\259718.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\260093.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\260515.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\263328.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\263687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\263718.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\264125.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\264234.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\264296.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\289078.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\289421.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\297171.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\297984.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\301156.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\301328.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\301359.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\321343.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\323562.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\324203.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\324546.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\326937.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\355578.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\356734.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\356906.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\36578.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\39187.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\39468.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\39531.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\41484.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\42250.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\42390.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\42484.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\44203.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\44484.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\44796.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\45031.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\45312.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\47500.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\47515.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\49703.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\50750.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\51078.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\53640.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\54109.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\54609.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\55187.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\55468.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\55500.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\55765.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\55984.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\58875.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\58921.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\59671.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\59937.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\60296.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\60765.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\63531.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\63578.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\63812.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64343.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64375.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64640.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64671.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\64953.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\68671.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\69546.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\69687.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\69843.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\74187.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\74937.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\75843.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\78750.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\81187.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\82453.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\89203.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\91984.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld\92703.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\srosa2.sys c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\wfsintwq.sys c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\winupgro.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\data.oct c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\flec006.exe c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\list.oct c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\.0.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\[keygen].avg.anti-virus.professional.7.0..key.generator.(check.&.rebulid.10.04.2005).zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\98.9 The Bear Listener 1.5.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\A Really Small App 2.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\A.I. Engine 2.1.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\ACM Converter ActiveX 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Adobe Acrobat 3D 8.1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Agree Free MP3 to AMR Converter 4.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\akaDylan Collage 1.00.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Alert's icons pack 4.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\AMPHIOTIK ENHANCER ST [Winamp] 2.01.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Antique Collector 1.15.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\AntiVirus Tester 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Audio Transcoder 1.4.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Avast!.Antivirus.Profesional.Edition.Licencia.Spanish.By.Ekio.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Avira UnErase Personal 1.4.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\BG.-.Toni.Storaro.(2005).-.Teb.obicham.(by.PANDA_1960).zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Book Writer 5.10.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\BX 4.5.117.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Cas 2.20.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Charon.Communications for .NET and .NET Compact Framework 1.1.3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Chromas 2.33.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Cool Stiky! 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\CustomizeGoogle 0.76.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\CyoGenerator 1.0.0 Beta.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Daily SweetIM.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\DEGMA Audio Handler 0.5.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Dicm PACS Client 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\DTM SQL editor 2.02.97.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\E-Mail Sender 1.23.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Easy Credit Card Checker 1.2.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Easy MP3 Splitter 1.05.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\EZgrades 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Fix-Aula 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\FoxPro2MySQL Sync 1.2.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\G3 Player Simple 1.0.33.32.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Girlsense Radio Player 1.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Google All-In-One 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Happy Browser 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\HeldUp 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\HPS Date Reminder 3.0.4.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Hylafx.DLL 1.3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\HyperPublish 2008.25.250.352.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\ICQ Watcher 1.3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Ideaspad 1.1.9.5.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\ImagePrinter 1.4.8.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\InVideo Studio 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Javascript Glide Navigation 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\JB Ptime 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Joyfax Server 2.7.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\JumpKeys Pro 1.21.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Kansas City Toolbar 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Kaspersky.AntiSpam.key.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Kirby's Pink Dream 1.3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Koma-Connect 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Law Practice Management Profit Secrets 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\LiveMark Family 1.7.2.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\McAfee Internet Security Suite 2005 Version 7.0_Crack.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Mcafee.Internet.Security.Suite.2006.Real.Patch.Update.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\McAfee.Virus.Scan.10.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Memory Status Widget 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MEMOTXT Scheduler 1.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MetaTraffic 2.24.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MidWavi Pro 2.99.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MousetrapCar 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MP3 Audio from Video tool 3.30.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MP3Cutter 4.0 Build 534 Beta.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\MS Word Duplicate Data Remove Software 7.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Mucha Art Nouveau 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Nidesoft iPhone Video Converter 2.3.08.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\NOD32.v.2.70.16.Final.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Ocean Life 2 Screensaver.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\PasswordCreator 1.9.0.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\PeonySoft Video to Flash Converter 2.0.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\pgEdit 1.4.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Phonotics Deal Watcher 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Phorest 1.0.3.2.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\PictoWin 2.0.1c.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Plasmaplugs Progress Bar 2.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Portable MSD Organizer Freeware 9.10.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\ProCalc 2.0.3.4.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\PS3 Media Center X 0.92.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Pumpkin Shoot Game Demo Screensaver 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Radyo Eksen 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\RAM Idle Standard v5.0 Beta.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\RealOne Player Mobile v3.0 Symbian Nokia.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\RetailRoadshow 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\RM to WMA Converter 1.00.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\ROMAN MONOGRAMS SOLID BAR 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SaxLab 2.0.3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Servlet.Vote 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SightReader for Guitar 1.1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Simple Failover 1.21.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SmartNetSoft Smart Popup Blocker 1.01.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Softek Barcode Maker for WIndows 1.1.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SoftSearch Toolbar 1.2 Ad-Killer Ed..zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Sonic DLA 4.98.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SPX Graphic Editor 3.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Star Wars Screensaver 3.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\starQuiz NetClient 3.6.10.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\StripMDL 4.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Summer Beauty Screensaver 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SuperCool Window Washer 1.09.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Symantec.BAckup.Exec.System.Recoverry.BESystemRecovery65AllWinEnglishEval.z ip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\SyncOnDemand 2.7.0.2.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Threaded Ping Component and Trace Route Demo 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Tomtom Mobile 2005 Pda Ipaq.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Trade Calculator 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Trellian eComm PRO 2.08.002.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Update Checker Opera Widget 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Update Facebook Status 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Veox Projekt Standard 5.62.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Viking Reminder 1.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Vista Clock RF 2.1.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Visual Schema 1.0.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\VoiceTweaker VST 4.1.0.2.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Vulture Screensaver 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\WebTime 2000 3.8.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\WebTransporter 3.42.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Whizlabs Cisco CCNA Exam (640-801) Simulator 5.2.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Wild Garlic Flowers Screensaver 1.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Windows Live Admin Center SDK 4.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\WinSkan 1.10.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\XUpload Pro 2.6.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\shared\Yale toolbar for IE 4.5.131.0.zip c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\srvlist.oct c:\program files\Messenger\msmsgs.exe c:\windows\system32\a.bat c:\windows\system32\ban_list.txt . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA -------\Legacy_BOONTY_GAMES -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-21 au 2009-01-21 )))))))))))))))))))))))))))))))))))) . 2009-01-21 17:22 . 2009-01-21 17:22 3,588 --------- c:\windows\system32\winupgro.exe 2009-01-21 15:48 . 2009-01-21 18:49 <REP> d--h----- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys 2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys 2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys 2009-01-03 11:21 . 2009-01-03 11:21 <REP> d-------- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\dvdcss . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-21 16:18 --------- d-----w c:\program files\ESET 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-05 14:42 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-12-03 12:59 --------- d-----w c:\program files\Java 2004-07-22 08:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB 2004-07-19 20:58 1,156,363 ----a-w c:\program files\BDANT.cab 2004-07-19 20:53 976,020 ----a-w c:\program files\BDAXP.cab 2004-07-09 12:17 13,265,040 ----a-w c:\program files\dxnt.cab 2004-07-09 07:13 703,080 ----a-w c:\program files\BDA.cab 2004-07-09 07:13 15,493,481 ----a-w c:\program files\DirectX.cab 2004-07-09 02:08 472,576 ----a-w c:\program files\dxsetup.exe 2004-07-09 02:08 2,242,560 ----a-w c:\program files\dsetup32.dll 2004-07-09 01:03 62,976 ----a-w c:\program files\DSETUP.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016] "IntelliType"="c:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600] "SiSPower"="SiSPower.dll" [2007-04-10 c:\windows\system32\SiSPower.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-10-25 262144] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "f:\\eMule\\emule.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016] . Contenu du dossier 'Tâches planifiées' 2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-MSMSGS - c:\program files\Messenger\msmsgs.exe HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://fr.yahoo.com/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-21 18:51:58 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . ------------------------ Autres processus actifs ------------------------ . c:\program files\HP\HP Share-to-Web\hpgs2wnf.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft LifeCam\MSCamS32.exe c:\windows\system32\HPZipm12.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe . ************************************************************************** . Heure de fin: 2009-01-21 19:00:27 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-21 18:00:25 Avant-CF: 34,188,472,320 octets libres Après-CF: 34,332,356,608 octets libres 434 --- E O F --- 2009-01-14 17:03:43

merci , voila j ai suivi la procedure confofix a scanne le pc (detection ''rootkit'' ?) mon pc va deja mieux,

bonsoir, je pense etre infectee mon anti virus nod32 est hors fonction , et le pc fonctionne mal , j ai essaye malwarebite mais le nettoyage n a pas ete realise completement j ai telecharge hijacckits et antivir mais mon pc refuse de demarrer en mode sans echec je suis vraiment bloquee je ne sais pas installer hijackits message'' n est pas une application win 32 valide'', que faire, merci pour vos conseils martine

un grand merci pear ,ca marche explorer 7 installe avec succes apres installation de secedit.exe et un fichier resetIE.bat bonne journee maya

bonjour, j ai reinstalle windows xp home suite a ecran bleu,'( sur un portable hp ) toutes les mises a jours sont installees, et le service pack 3 activation de windows sans probleme, sauf echec de l installation de l explorer 7, j ai releve l erreur 0X13 ou erreur 0X11 ou 0X3F5 a chaque tentative d intallation le n° de l erreur change, j ai regarde sur microsoft update je ne trouve pas le probleme merci de me conseiller