
séb59


  1. Hi again. I preferred to reinstall the drivers for my Livebox directly from the supplied CD, and it seems to be working normally. I also reinstalled Avast because the resident protection was no longer working. In short, everything seems fine. A very big thank you for your help; I am going to finish updating my PC following your earlier advice. All the best to you and the whole team.
  2. Hi again. I may have spoken too soon when I said that everything was working perfectly: I now have Internet problems. The speed is very low (30 KB/s although I am on an 8-meg line). I am posting this message from my second PC, connected to the same Livebox, on which the connection is normal. What should I do? Is it related to a virus, or do I need to reinstall something?
  3. Hi again. So there are no more Avast alerts, which is rather a good sign; everything seems to be working well!! Here is the latest report: Just a quick question in passing: two folders (SmitfraudFix and QooBox) have been created on my C: drive. What should I do with them?
  4. And here is the new report:
  5. Hi again. So here is the report:
  6. Thank you for giving me some of your time. So here are the reports as requested:
and the other one:
SmitFraudFix v2.346 Rapport fait à 14:41:18,35, 08/09/2008
There, thanks again.
  7. Hi everyone, I had the unpleasant surprise, when I turned my PC back on one morning, of getting alerts all over the place from Avast reporting the presence of viruses, trojans, etc. My original wallpaper has given way to a spyware alert message. In short, I now get an alert every 10 minutes. So I tried a disinfection from Avast (1h30 of scanning before Windows started) with deletion of multiple supposedly harmful files, Ad-ware, I carried out the Pre-Cleaning described in the important topics, and I would have liked, if possible, for you to take a look at my HijackThis report, since the alerts keep coming.
Logfile of HijackThis v1.99.1 Scan saved at 11:43:37, on 08/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Thanks in advance to everyone who takes a look.
  8. Hi, sorry for only replying now, but a big problem has come up on top of that. The PC freezes by itself as soon as I ask a bit too much of it; I have been trying to send this message for 2 days but it cuts out too quickly. Here is a screenshot of the error report. I tried memtest86+, which in the short time it ran detects nothing. Is this related to the infections?
  9. Hi, there we go, I followed the steps. Thanks again for taking the time to help me!! Here are the reports:
ewido anti-spyware - Scan Report + Created at: 13:58:57 17/09/2006
The one from Blacklight:
06/16/07 15:33:04 [info]: BlackLight Engine 1.0.61 initialized
Logfile of HijackThis v1.99.1 Scan saved at 16:24:56, on 16/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473)
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe Tout ce que je peux dire, c'est courage pour le déchiffrage de toutes ces lignes parce que pour moi
  10. Re So I followed the explanations to the letter, and here are the new reports:

SDFix: Version 1.87

Run by Seb on 15/06/2007 at 21:30

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Seb\Bureau\SDFix

Safe Mode:
Checking Services:

Name: Windows Log
ImagePath: C:\WINDOWS\system32\nvsvcd.exe

Windows Log - Deleted

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\DOCUME~1\Seb\LOCALS~1\Temp\15exinjs.a9.exe - Deleted
C:\DOCUME~1\Seb\LOCALS~1\Temp\59exinjs.a9.exe - Deleted
C:\DOCUME~1\Seb\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
C:\WINDOWS\system\smss.exe - Deleted

Removing Temp Files...

ADS Check:

Checking C:\WINDOWS\
C:\WINDOWS
No streams found.

Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.

Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\Seb\Bureau\SDFix\backups\backups.zip

Listing Files with Hidden Attributes:

C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\Seb\Application Data\Microsoft\Word\~WRL0004.tmp

Listing User Accounts:

comptes d'utilisateurs de \\AAA-JW37Y6KJQ2U
Administrateur ASPNET HelpAssistant Invité Seb SUPPORT_388945a0
La commande s'est terminée correctement.

Finished

**********************************************************************************************************************

Followed by the new HijackThis 1.99.1 report:

Logfile of HijackThis v1.99.1
Scan saved at 21:47:41, on 15/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Seb\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA94D13C-7705-4F7D-9F09-A46A07DAB8D1}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast!
iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe ********************************************************************************************************************** Voila
  11. Hi. Thanks, Gof, for answering my call. So here is the HijackThis report in question: So, poor me, despite a cruel lack of knowledge on the subject, I tried to find the non-conforming lines. Maybe this one: O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
  12. Hi. So, I have a small infection problem on my PC. Let me explain: when I start the internet, MSN, network games such as MTA, etc., alerts from my Avast antivirus appear. The infected location is always the same: C:\Documents and Settings\Seb\Local Settings\Temp. At first these are temporary files, which then become .exe files through some process I don't know (my computer knowledge is limited). Most of the time I stop these .exe files from the Windows Task Manager (Alt Gr / Ctrl / Del) and then delete them. Here is a screenshot of my Temp folder, which says more than my words: The effects caused by these viruses are varied: - Connection problems, slow internet browsing, MSN disconnections - Unexpected PC restarts - Constant Avast alerts - Other processes being disabled... in the end it is very disruptive. I tried a full scan with Avast, Ad-Aware SE Personal, and SpywareBlaster without success; I imagine a more deeply hidden file allows these viruses to install themselves in my Temp folder. To check this, I suppose a "HijackThis" scan is needed, so if someone can help me, let them say so and I will post a full report or anything else that helps solve my problem. Thanks in advance.
  13. Hi. Whoa, I deserve no credit; without your explanations I would never have managed it, so a very big thank you. So, apparently not: I used Internet Explorer without any problem, MSN connects fine, and svchost.exe seems to have calmed down, so rather good signs. I have a question, during this step: I disable Window log, should I re-enable it?
  14. Re. So here is the new scan in full: There, this time it reports 0 viruses.