Everything posted by Alex36

  1. The problem is that my father has started another scan on his own!! :s (I had nothing to do with that; in my opinion it's guys from the volcreol forum who told him to do it.) He set it to scan with BitDefender; so far it has found: C :doc etc , Bit2.exe Trojan . 32 {other}, so indeed Bagle, but for now it is scanning everything and the computer is tied up! >> I'll try to get hold of the report and post it.
  2. It's not a Bagle, because the symptoms (for a Bagle) are, a priori, the following, aren't they?
     - no more firewall
     - Security Center disabled
     - no more sound
     - no more internet connection
     - no more access to safe mode
     - no more antivirus
     HOWEVER, none of the symptoms listed above are present, so I deduce that it's not a Bagle (unless I'm mistaken). Moreover, a friend who knows the computer in question very well has done various maintenance jobs on it to recover the data and reinstall Windows (2 years ago), and it turned out that the hard drive had failed several times: unjustified switch to RAW (no virus), chkdsk runs that never completed, Windows that never shut down. In short, she told me that ComboFix would "finish off" the hard drive and that nothing should be run until the backups were done! - Is that true? Isn't there an alternative solution??
  3. A bit of help please, this is annoying all the same; I have exactly the same problem as this member: §
  4. Hello, I want to point out that this is not my PC (you will see that in the HijackThis report anyway). So this PC, which is not very recent and which only my father uses, has been infected by I don't know what malware (I never use it, and there is no P2P software on it!).
     * impossible to install MBAM, or even to launch it (I had installed it and then uninstalled it)
     * impossible to launch Spybot S&D
     * impossible to browse the net without sites opening: for example, I'm on Google, I type zebulon, I click on the link, and it redirects to an address like: go .google .com
     EDIT: apparently it does this randomly, because I just retested and it no longer does it!! I don't understand anything, but it is still impossible to install any maintenance software. Attached is the HijackThis report (rather thin for my taste).
     That one was while the malware was having its effect, and this one is while the malware was no longer acting; anyway, it does it randomly. So HERE IS THE NEW report.
  5. Alex36

    Poll

    oki ^^
  6. Alex36

    Poll

    OK, hmm, it was to "liven up" the forum and see whether people preferred desktop or laptop PCs
  7. Alex36

    Poll

    up
  8. Alex36

    Amd processor model unknow !

    Even if Alexander the Great didn't know your name, you still exist today, don't you? > Yes ^^ indeed, there it does show all of that!

    Property: Value
    Manufacturer: ASRock
    Model: AM2NF3-VSTA
    North Bridge: NVIDIA nForce3 250 Revision A1
    South Bridge: NVIDIA nForce3 MCP Revision A1
    CPU: AMD Athlon 64 X2 Dual Core Processor 5600+
    Cpu Socket: Socket AM2 (940)
    System Slots: 5 PCI, 1 AGP
    Memory Summary
    Maximum Capacity: 8192 MBytes
    Maximum Memory Module Size: 2048 MBytes
    Memory Slots: 4
    Error Correction: None
    Warning! Accuracy of DMI data cannot be guaranteed

    Property: Value
    Number of CPU(s): One Physical Processor / 2 Cores / 2 Logical Processors / 64 bits
    Vendor: AuthenticAMD
    CPU Name: AMD Athlon 64 X2 5600+
    CPU Code Name: Brisbane
    Platform Name: Socket AM2 (940)
    CPU Full Name: AMD Athlon 64 X2 Dual Core Processor 5600+
    Revision: BH-G2
    Technology: 65 nm
    Instructions: MMX (+), 3DNow! (+), SSE, SSE2, SSE3, x86-64, NX, VMX
    Original Clock: 2900 MHz
    Original System Clock: 200 MHz
    Original Multiplier: 14.5
    CPU Clock: 2914 MHz
    System Clock: 201.0 MHz
    FSB: 803.9 MHz
    L1 Data Cache: 2 x 64 KBytes
    L1 Instructions Cache: 2 x 64 KBytes
    L2 Cache: 2 x 512 KBytes

    << There it's fine. For Everest I have the free v2.20.
  9. Hi everyone, I only noticed this not very long ago. I have just changed my processor. I have an AMD Athlon 5600+ 64 X2 and in Everest it tells me: Amd processor model unknow ! On the other hand, CPUID does recognize that it's an AMD Athlon 64 X2, well, the name is there anyway! And worse still, my motherboard has no name! Yet I bought everything new (and it didn't fall off the back of a truck). It has been like this for nearly a year, but I never paid much attention to it. I updated my BIOS. My motherboard is an am2nf3-vsta from ASRock. Everest report:

     Propriétés de la carte mère :
     Identifiant de la carte mère: 63-273-0000010-00101111-121708-nVidia$M2N3V273_AM2NF3-VSTA BIOS P2.80
     Nom de la carte mère: Inconnu < that's not normal

     Propriétés du processeur
     Type de processeur: Unknown, 2900 MHz
     Jeu d'instructions: x86, x86-64, MMX, 3DNow!, SSE, SSE2, SSE3
     Cache de code de niveau 1: 64 Ko
     Cache de données de niveau 1: 64 Ko
     Cache de niveau 2: 512 Ko (Asynchronous) << plus there is an error: on the box it says 1 MB total L2 cache

     Multi CPU
     CPU #0: AMD Athlon 64 X2 Dual Core Processor 5600+, 2914 MHz
     CPU #1: AMD Athlon 64 X2 Dual Core Processor 5600+, 2914 MHz

     Utilisation du processeur
     CPU #1 / Coeur #1: 0 %
     CPU #1 / Coeur #2: 3 %

     How is that possible??
  10. Alex36

    Processor difference

    Thanks, I had also searched on Google but I hadn't found what I was looking for!
  11. Hello, I would like to know what the difference is between a "core Brisbane" processor and a "core Windsor" one, because on the sales sites it says "core Brisbane" in the AMD range. Which is the more powerful?
  12. There, I wanted to wish a happy and wonderful year 2009 to all the Zebulonians! :P :P :P :P :P :P
  13. Yes, that's fine, thanks for taking a few minutes ^^ on my post
  14. File deletion ... OK
  15. It works, thanks.
  16. I don't understand: I ran a scan last week because the computer was painfully slow, and it found nothing!
  17. Apparently there is still a problem, because I had to rename the program to "alex36.exe" to launch it; otherwise it showed: "this is not a valid Win32 application". I tested again: now there is no longer a problem; the application opens and shows no error message.
File C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\Perflib_Perfdata_768.dat not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. File C:\WINDOWS\temp\Perflib_Perfdata_650.dat not found! C:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\14\757e808e-78153c44 moved successfully.
  18. Here's the report!

      --------------------------------------------------------------------------------
      KASPERSKY ONLINE SCANNER 7 REPORT
      Monday, December 29, 2008
      Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
      Kaspersky Online Scanner 7 version: 7.0.25.0
      Program database last update: Monday, December 29, 2008 06:23:46
      Records in database: 1527252
      --------------------------------------------------------------------------------
      Scan settings:
      Scan using the following database: extended
      Scan archives: yes
      Scan mail databases: yes
      Scan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ P:\ R:\ S:\ Y:\
      Scan statistics:
      Files scanned: 235025
      Threat name: 6
      Infected objects: 8
      Suspicious objects: 0
      Duration of the scan: 04:33:35

      File name / Threat name / Threats count
      I:\Bacups\BACKUP\Documents and Settings\Alexandre.ORDI_ALEX\Bureau\MSN Messenger Account Cracker v2.0\msnc2.exe Infected: HackTool.Win32.MSNaccCrack.20 1
      I:\Bacups\BACKUP\Program Files\Messenger Plus! Live\Scripts\Voir contact qui ton bloquer\huhu_ctrl.js Infected: Backdoor.JS.Agent.a 1
      I:\Bacups\BACKUP\Program Files\NavigationEnhancer\NavigationEnhancer-2.dll Infected: not-a-virus:AdWare.Win32.Agent.eqv 1
      I:\Divers\FOURETOUT\MSN Messenger Account Cracker v2.0\msnc2.exe Infected: HackTool.Win32.MSNaccCrack.20 1
      I:\Program Files\HFS webserveur\hfs.exe Infected: not-a-virus:Server-FTP.Win32.SFH.d 1
      I:\instals\cis-webserver-setup.exe Infected: not-a-virus:AdWare.Win32.Rabio.ju 1
      I:\instals\Divers\MSN\MSN Messenger Account Cracker v2.0.rar Infected: HackTool.Win32.MSNaccCrack.20 1
      I:\instals\installer-73448-33fr-Codec-French.exe Infected: not-a-virus:AdWare.Win32.FakeInstaller.a 1

      The selected area was scanned.
      ENF OF FILE

      A small clarification about the backups: they are infected, sure, but they're old stuff ^^ It dates from a long time ago and I never scanned it, but now it will be deleted, so much the better.
  19. OK, I'll test that and keep you posted.
  20. Uh, they didn't unregister themselves on their own (maybe a virus behind it ^^), but even without a virus it had already happened before, when I reinstalled Windows. Maybe a plugin problem, I don't know. But what would that look like as a .bat, since I have absolutely no idea how to program ^^ What could it look like, please? Like this, for example??

      TITLE Correction bug windows media player 10
      run
      regsvr32 jscript.dll
      regsvr32 vbscript.dll
  21. Hello everyone, and happy holidays. Following a problem with my Windows Media Player 10, I was getting an error message: internal application error. I found the solution on a forum: (I quote) I would like to know whether it would be possible to automate this as a .reg file, or in C, C++, or simply as a script. I think it's possible, but I know absolutely nothing about programming (no basic notions). I want to make clear that this is not to hack people, but to make a script for myself, in case it crashes again.
  22. SDFIX REPORT
      MBAM REPORT

      Malwarebytes' Anti-Malware 1.31
      Version de la base de données: 1554
      Windows 5.1.2600 Service Pack 3
      27/12/2008 15:51:14
      mbam-log-2008-12-27 (15-51-14).txt
      Type de recherche: Examen complet (C:\|I:\|S:\|)
      Eléments examinés: 255810
      Temps écoulé: 2 hour(s), 8 minute(s), 31 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 3

      Processus mémoire infecté(s): (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
      Dossier(s) infecté(s): (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      I:\Bacups\BACKUP\Documents and Settings\Alexandre.ORDI_ALEX\Bureau\FOURETOUT\Vegas 7.0a\Sony Vegas v7.0a Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      I:\Bacups\BACKUP\Documents and Settings\Alexandre.ORDI_ALEX\Local Settings\Temporary Internet Files\Content.IE5\I34VWX6X\Sony_Vegas_Video_7_keygen_______just_launched___.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      I:\Bacups\BACKUP\Program Files\PlayMP3z\PlayMP3.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

      ****end
  23. OK, that's what I had thought too, but when I try to restore the extension assigned to QuickTime, it's always VLC that is highlighted: even if I change the application to launch, VLC is still the one selected, even after clicking Apply. On the other hand, I managed to change the extensions, but there's still an icon problem. EDIT: it's fine, it's back to how it was before. I changed the associations directly from within the programs concerned.
  24. Uh, I didn't get a file at c:\upload_moi_xxxx.zip, is that normal? In any case, here's the report: DIAGHELP SCAN
- \SystemRoot\system32\drivers\sysaudio.sys 999EF000 - \SystemRoot\system32\DRIVERS\srv.sys 99524000 - \SystemRoot\System32\Drivers\HTTP.sys B1FCC000 - \??\C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\mc21.tmp 996E9000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS 99488000 - \SystemRoot\System32\Drivers\Fastfat.SYS BAC38000 - \SystemRoot\System32\Drivers\usbaapl.sys 99117000 - \SystemRoot\system32\DRIVERS\WlanUIG.sys 990C6000 - \SystemRoot\System32\DRIVERS\gmer.sys 98F5B000 - \SystemRoot\system32\drivers\kmixer.sys AA4E0000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 139 Liste des programmes installes Adobe After Effects CS3 Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop 7.0 Adobe Reader 8.1.0 - Français Adobe Setup Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Video Profiles Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 AnyDVD Apple Mobile Device Support Apple Software Update Archiveur WinRAR ArcSoft Software Suite Ashampoo MP3 AudioCenter ASIO4ALL Assistant de connexion Windows Live ATI - Utilitaire de désinstallation du logiciel ATI Control Panel ATI Display Driver Avira AntiVir Personal - Free Antivirus AviSynth 2.5 AVS Video Converter 4.3.1.371 Blender (remove only) Bonjour C-Media 6501 Sound Camtasia Studio 5 CloneCD CloneDVD2 Commande ECHO désactivée. 
Correctif pour Windows XP (KB952287) DynDNS Updater eMule EVEREST Home Edition v2.20 ffdshow [rev 1703] [2007-12-15] FileZilla Server (remove only) FL Studio v7.0 Genesis Vst HijackThis 2.0.2 Image Line Morphine v1.1 VSTi iTunes Java 6 Update 11 Keylight 1.2v8 for After Effects CS3 Lecteur Windows Media 10 LiveBox Malwarebytes' Anti-Malware MegaStore MegaStore MeowMultiSound 1.00 Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Application Error Reporting Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable Mise à jour de sécurité pour Lecteur Windows Media (KB952069) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) Mise à jour de sécurité pour Windows XP (KB923789) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB954211) Mise à jour de sécurité pour Windows XP (KB954459) Mise à jour de 
sécurité pour Windows XP (KB954600) Mise à jour de sécurité pour Windows XP (KB955069) Mise à jour de sécurité pour Windows XP (KB956391) Mise à jour de sécurité pour Windows XP (KB956802) Mise à jour de sécurité pour Windows XP (KB956803) Mise à jour de sécurité pour Windows XP (KB956841) Mise à jour de sécurité pour Windows XP (KB957095) Mise à jour de sécurité pour Windows XP (KB957097) Mise à jour de sécurité pour Windows XP (KB958644) Mise à jour pour Windows XP (KB951978) Mise à jour pour Windows XP (KB955839) Mozilla Firefox (3.0.5) MSn CoLoR Dégradé Namo WebEditor 5.5 Evaluation Nero 7 Demo Notepad++ NVIDIA Drivers oggcodecs 0.71.0946 Outil de téléchargement Windows Live Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) PDF To Image Converter v2.0 PDFCreator Python 2.6.1 QuickTime Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g Skype™ 3.6 Sony Media Manager 2.2 Sony Vegas 7.0 SUPER © Version 2008.bld.33 (Sep 2, 2008) SuperCopier2 ThiWeb Live 2.2 Unlocker 1.8.7 UpdateIcons VideoLAN VLC media player 0.8.6i Videora iPod Converter 4.04 WebFldrs XP Windows Internet Explorer 7 Windows Live installer Windows Live Mail Windows Live Messenger Windows Media Format Runtime Windows XP Service Pack 3 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2CDA-5998 Répertoire de C:\Program Files 27/12/2008 12:27 <REP> . 27/12/2008 12:27 <REP> .. 
26/12/2008 13:45 <REP> Adobe 23/12/2008 22:10 <REP> Apple Software Update 26/12/2008 13:42 <REP> ArcSoft 18/12/2008 21:55 <REP> ASIO4ALL v2 26/12/2008 19:46 <REP> ATI Technologies 22/12/2008 10:14 <REP> Avira 24/12/2008 12:31 <REP> AviSynth 2.5 23/12/2008 22:11 <REP> Bonjour 18/12/2008 18:04 <REP> C-Media 6501 Sound 18/12/2008 17:53 <REP> ComPlus Applications 18/12/2008 21:39 <REP> DAMN NFO Viewer 18/12/2008 18:05 <REP> DIFX 18/12/2008 18:32 <REP> D-Tools 18/12/2008 21:02 <REP> DynDNS Updater 18/12/2008 19:48 <REP> Elaborate Bytes 26/12/2008 22:51 <REP> eMule 24/12/2008 12:14 <REP> eRightSoft 18/12/2008 19:01 <REP> ffdshow 27/12/2008 09:41 <REP> Fichiers communs 18/12/2008 19:55 <REP> FileZilla Server 20/12/2008 09:14 <REP> illiminable 18/12/2008 19:20 <REP> Image-Line 18/12/2008 21:50 <REP> Internet Explorer 23/12/2008 22:12 <REP> iPod 24/12/2008 00:39 <REP> IVCsoft 20/12/2008 09:14 <REP> Java 18/12/2008 18:09 <REP> Lavalys 20/12/2008 14:04 <REP> Malwarebytes' Anti-Malware 21/12/2008 14:43 <REP> MegaWorld 22/12/2008 15:19 <REP> Messenger 18/12/2008 22:03 <REP> Messenger Plus! 
Live 18/12/2008 17:57 <REP> microsoft frontpage 18/12/2008 18:45 <REP> Microsoft Office 18/12/2008 21:56 <REP> Microsoft SQL Server 18/12/2008 18:44 <REP> Microsoft Visual Studio 20/12/2008 17:19 <REP> Microsoft Works 18/12/2008 18:44 <REP> Microsoft.NET 22/12/2008 15:16 <REP> Movie Maker 27/12/2008 12:21 <REP> Mozilla Firefox 18/12/2008 17:53 <REP> MSN 18/12/2008 22:27 <REP> MSn CoLoR Dégradé 18/12/2008 17:53 <REP> MSN Gaming Zone 23/12/2008 08:56 <REP> MSN Messenger 20/12/2008 12:35 <REP> Namo 18/12/2008 22:29 <REP> Nero 22/12/2008 15:13 <REP> NetMeeting 20/12/2008 09:10 <REP> Notepad++ 18/12/2008 17:53 <REP> Online Services 22/12/2008 15:13 <REP> Outlook Express 21/12/2008 20:10 <REP> PDF2Image v2.0 21/12/2008 19:27 <REP> PDFCreator 23/12/2008 22:11 <REP> QuickTime 18/12/2008 18:19 <REP> SAGEM 18/12/2008 18:19 <REP> SAGEM Wi-Fi USB 802.11g 18/12/2008 17:55 <REP> Services en ligne 18/12/2008 18:32 <REP> Skype 18/12/2008 19:47 <REP> SlySoft 18/12/2008 19:46 <REP> Sony Setup 18/12/2008 19:17 <REP> Steinberg 25/12/2008 19:43 <REP> SuperCopier2 22/12/2008 17:13 <REP> The Foundry 18/12/2008 21:52 <REP> ThiWeb Live 2 19/12/2008 23:42 <REP> Trapcode 22/12/2008 10:02 <REP> trend micro 19/12/2008 23:42 36 868 uninst-3DStroke.exe 25/12/2008 09:33 <REP> Unlocker 27/12/2008 12:27 <REP> UpdateIcons 26/12/2008 17:51 <REP> VideoLAN 18/12/2008 21:54 <REP> Vstplugins 19/12/2008 23:44 <REP> Windows Live 19/12/2008 23:25 <REP> Windows Live SkyDrive 22/12/2008 15:13 <REP> Windows Media Player 22/12/2008 15:13 <REP> Windows NT 18/12/2008 21:25 <REP> WinRAR 18/12/2008 17:57 <REP> xerox 1 fichier(s) 36 868 octets 76 Rép(s) 9 426 329 600 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2CDA-5998 Répertoire de C:\Program Files\fichiers communs 27/12/2008 09:41 <REP> . 27/12/2008 09:41 <REP> .. 
26/12/2008 13:45 <REP> Adobe 18/12/2008 22:40 <REP> Ahead 23/12/2008 22:12 <REP> Apple 26/12/2008 13:43 <REP> ArcSoft 24/12/2008 18:08 <REP> AVSMedia 18/12/2008 18:45 <REP> DESIGNER 18/12/2008 18:59 <REP> InstallShield 18/12/2008 19:45 <REP> Macrovision Shared 20/12/2008 17:19 <REP> Microsoft Shared 18/12/2008 17:54 <REP> MSSoap 18/12/2008 18:28 <REP> ODBC 18/12/2008 17:54 <REP> Services 18/12/2008 18:32 <REP> Skype 18/12/2008 18:28 <REP> SpeechEngines 22/12/2008 15:13 <REP> System 23/12/2008 23:51 <REP> TechSmith Shared 19/12/2008 23:14 <REP> Windows Live 0 fichier(s) 0 octets 19 Rép(s) 9 426 329 600 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2CDA-5998 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 20/12/2008 17:19 <REP> . 20/12/2008 17:19 <REP> .. 18/12/2008 18:45 <REP> 1033 20/12/2008 17:19 <REP> 1036 20/09/2005 12:33 1 293 008 MSONSEXT.DLL 22/03/2007 19:29 39 256 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 662 682 octets 4 Rép(s) 9 426 321 408 octets libres c:\Documents and Settings\Alexandre\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe c:\Documents and Settings\Alexandre\Bureau\6-11-pre-r300_xp-2k_dd_ccc_wdm_38185.exe c:\Documents and Settings\Alexandre\Bureau\catchme.exe c:\Documents and Settings\Alexandre\Bureau\HiJackThis.exe c:\Documents and Settings\Alexandre\Bureau\PDFCreator-0_9_6_setup2.exe c:\Documents and Settings\Alexandre\Bureau\SuperCopier2beta1-9.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\directx_nov2008_redist.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\internet_video_converter_fr.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\iTunesSetup.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\jxpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\SUPERsetup.exe 
c:\Documents and Settings\Alexandre\Bureau\BORDEL\videora-ipod-404-setup.exe c:\Documents and Settings\Alexandre\Bureau\BORDEL\WLinstaller.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Alexandre\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Alexandre\Bureau\Utile\FileZilla\FileZilla.exe c:\Documents and Settings\Alexandre\Bureau\Utile\FileZilla\FzSFtp.exe c:\Documents and Settings\Alexandre\Bureau\Utile\FileZilla\uninstall.exe c:\Documents and Settings\Alexandre\Local Settings\Temporary Internet Files\Content.IE5\9MQZ7SHH\HiJackThis[1].exe c:\Documents and Settings\Alexandre\Mes documents\Downloads\ipod wizard v1.3\iPodWizard.exe c:\Documents and Settings\Alexandre\Mes documents\Downloads\Sonic The Hedgehog Ipod Game\Rar.exe c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.2.20\SetupAdmin.exe c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe c:\Documents and Settings\All 
Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe c:\Documents and Settings\Alexandre\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\10\6bc65f4a-2b285df9-n\Decora-SSE.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\11\4b13650b-4b0169e4-n\jogl.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\11\4b13650b-4b0169e4-n\jogl_awt.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\11\4b13650b-4b0169e4-n\jogl_cg.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\53\5e8cbb75-3a5a591e-n\Decora-D3D.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\55\35fdae37-1da28e78-n\jmc.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\55\35fdae37-1da28e78-n\msvcp71.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\55\35fdae37-1da28e78-n\msvcr71.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\Deployment\cache\6.0\59\252441bb-6776f603-n\gluegen-rt.dll c:\Documents and Settings\Alexandre\Application Data\Sun\Java\jre1.6.0_11\lzma.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DIFxAPI.dll c:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\x86\GEARAspi.dll ****** Fin du rapport DiagHelp
  25. Hello and happy holidays. Since I installed VLC, my file associations have changed, meaning that all video files, whatever the extension, were played by VLC. I managed to change the application, and they now open fine with my favorite app. But I have videos in MP4, MOV, well, all the QuickTime formats, and there too I changed the application to launch. The problem is that they do open with QuickTime, but it's not the right icon! And since I'm hyper-obsessive about icons ^^, how can I put the icons back the way they were (well, the picture, I mean)?