

Alesssandra
Everything posted by Alesssandra
-
External hard drive won't work anymore
Alesssandra replied to a topic by Alesssandra in Hardware
1 - Try running Chkdsk x: /F from the command prompt (where 'x' is the letter assigned to the drive).
I tried that but it didn't work.
2 - Right-click the external drive in Explorer, then Properties, Tools tab, Check Now button.
I did that but it tells me the disk can't be checked because Windows can't access the disk.
-
External hard drive won't work anymore
Alesssandra replied to a topic by Alesssandra in Hardware
Sorry, it's a laptop; I've now put my configuration in my signature. The external drive is an iomega/Samsung. So I followed your link and downloaded the Samsung utility, but I'm not sure I managed to start a scan. The command prompt opened with this:
[AUTO DETECTION]
LEGACY PRIMARY MASTER: None
LEGACY PRIMARY SLAVE: None
LEGACY SECONDARY MASTER: None
LEGACY SECONDARY SLAVE: None
RUN AUTO DETECTION AGAIN
[READY] Auto-Detection was completed.
To select the working drive, move cursor to the drive, and press Enter
You can select SAMSUNG HDD only.
-
External hard drive won't work anymore
Alesssandra replied to a topic by Alesssandra in Hardware
Thanks for your reply, Notpa! I don't know exactly what you mean by "checking the health of the HDD", so I downloaded "CrystalDiskInfo" and indeed, there seems to be a problem. Health status= caution. And also everything is blue except "current pending sector count". Do you think this explains the problem? Can I fix this problem?
-
Hello everyone! I know I should normally post my configuration first, but I'm not sure it's really useful. I've been using an external hard drive for a year and I was quite happy with it until yesterday... When I plugged it in, my computer told me I have to format the external hard drive to be able to use it. It had never done that before! Obviously, I don't want to format it, because I have lots of documents and photos on it that I don't want to lose. My external hard drive is "plug and play" and so doesn't need a driver. Do you think I can get it working again without formatting it? If that's not possible, can I make a backup? Thanks in advance!
-
No, absolutely not. When I got my computer back and saw that it no longer worked, I asked them for the CDs and they told me there were no CDs with it (there was a shoebox with all my computer CDs in it!!!). I don't know what they did with them, and I don't know what they did with my computer either, but according to them it's not their fault and I'm a liar... So, obviously, we're not exactly on good terms anymore, and if the installation CDs are the only solution, I think I can throw my computer away... Do you think it could be a virus? Should I post something in the security section?
-
Ha! I managed to get into safe mode but I can't do anything. It's strange, there are actually 2 user accounts (only one appeared when I started in normal mode). There is an administrator account and Alessandra. The administrator account didn't appear in normal mode. I chose the admin account but I can't do anything; at first it did the same thing, messages from BDagent.exe, drwtsn32.exe, explorer.exe, and when I move the cursor over "Start" the cursor turns into an hourglass.
-
OK, I'll try. No, I don't have any CDs. I had left this computer with my former flatmates, and when I got it back it was like this and they had lost all the CDs... Very nice people...
-
Hi Bleuet, I have XP. I can't do alt+F10, it doesn't do anything at all. When I restarted I tried pressing F8 but it did nothing. I was offered F2 to enter setup, which is what I did; I chose "upload default settings" or something like that, and when Windows restarted I got the same messages as before, but for a while I could access my documents, and then everything froze again.
-
Hi everyone! I have an Acer Aspire 5100 laptop that is completely locked up; I can't access anything anymore. When I start it I get a message: "BDagent.exe, Lapplication n'a pas reussi a s'initialiser correctement (0xc00000005). Cliquez sur OK pour arreter l'application" I click OK, and the same message comes back a second time. I click OK. Then I get another message: "Explorer.exe a recontre un probleme et doit fermer..." I'm offered the option of sending a report, I don't send it, and the same message comes back, so I do the same thing again. Then it's the turn of "drwtsn32.exe a rencontre un probleme, etc.", and I do the same thing. Then it's the turn of "ATI Graphique", which tells me "vous n'avez pas l'autorisation de modifier les parametres de CATALYST control center. Contactez l'administrateur pour obtenir de l'aide" Which is very odd because I am the administrator; there is only one account on this computer. From then on the cursor turns into an hourglass and I can't access anything anymore (Start menu, all the documents on the desktop, nothing!). Well, actually, I can access the Task Manager by pressing ctrl + alt + del. Through the Task Manager and with a USB stick, I had managed to access my documents and so recover a few things, but now it won't even let me do that. I think this computer has gone mad! The problem is that I can't even access my computer's specifications. I thought I might be able to start it in safe mode, but I need help because I don't really know what to do. I haven't tried it, but I thought maybe I could run a scan by putting a program on a USB stick and trying in safe mode, but frankly, I don't really know what I'm talking about!!!
Sorry for leaving such a long message, I hope someone will have the courage to read it to the end, and maybe there is a solution other than throwing my computer out of the window!!! Thanks in advance!
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
You're the best! THANK YOU
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
My topic is solved, I don't know how to mark it as solved. I really need my hand held, and on top of that I'm flooding...
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
THANK YOU!!!!!!!! But I'd really like to understand how I caught this thing, I really don't understand. I don't have any P2P software and I don't download anything, I don't go on porn sites, I don't open emails that look suspicious to me, so how is it possible? I tried to do a lot of research (notably by reading lots of posts on ZEBULON) to find out which antivirus to choose, but everyone seems to have a very different opinion on the subject, it's very frustrating; it seems that computing is like a religion, there are different schools and different beliefs! Thank you very much for the links you just gave me; believe me, I'm going to become a believer, and convert my friends!!! And actually it's very reassuring to know that you were a "brêle" (HAHA, I love that word!!!) at computers a few years ago, it gives me hope! Thanks 100,000 times. Take care Apollo Alex X
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
And then I totally thought I was you, because I ran another scan with MBAM, BAM! and it tells me everything is fine!
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
So... I did everything you told me in your last post, TFC and clearing the temporary files in JAVA, and everything went well. So I felt super confident, like "I've got it all figured out", and I ran a scan with my new friend antivir, and antivir says my computer is all clean! Here is the log
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Yes, Ireland and Scotland, but the weather is even worse than here; I went to Ireland, the sky is never blue, it goes through every shade of grey possible and imaginable, but no grey, it's frustrating... Apparently there's still some shady stuff on my computer... Antivir report
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Hey, hi Apollo! I'm doing great, it was nice and warm this weekend (I live in London). And how are you? OK, I'll run the scan. Doesn't antivir have a firewall? I have to use Microsoft's, is that right?
-
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Hi! I'm back! So I downloaded antivir and uninstalled microsoft security essentials. Here is the antivir report
Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'Explorer.EXE' - '1' Module(s) have been scanned Scan process 'SCardSvr.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Start scanning boot sectors: Starting to scan executable files (registry). The registry was scanned ( '1613' files ). End of the scan: 25 May 2010 19:29 Used time: 00:51 Minute(s) The scan has been done completely. 0 Scanned directories 2647 Files were scanned 0 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 1 Files cannot be scanned 2646 Files not concerned 6 Archives were scanned 1 Warnings 0 Notes -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
OK, thanks. Yes, it's late, I'm starting to slip up, you noticed! Good night and thanks again. See you later -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Uh, no, I had forgotten... -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Cool, MBAM didn't mess up this time! Only 8 infected files left! Victory is near. Here is the report. -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
OK! Here is the log (ComboFix doesn't mess around, it's not here to butter sandwiches). -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Ooh la la la la, darn, I'm scared, but I'm going for it. ATTAAAAACK! Farewell -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Sorry, our posts crossed. I tried to do that but there is nothing under reports/logs. What on earth is happening? What is going on? -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Right, so I ran MBAM again out of desperation! It did the same thing: MBAM detects 42 infected items. When it has finished, I click OK but that automatically closes the program. Grrrrrrr! I was expecting this to happen again, so during the scan I tried to see where it was finding them (I don't know if it's useful, but it hurts the eyes in any case). I think there are:
- 8 in the registry --> HKEY local machine system
- 2 in the temp files
- and the rest it found at the end, when it says "Analyses supplementaires d’elements dans le systeme" (in English: "Additional scans of items in the system")
I don't know if I'm helping you or flooding you, but at least this way I feel like I'm doing something! Thanks. See you -
[Solved] ALUREON Trojan horse infection
Alesssandra replied to a topic by Alesssandra in Malware analysis and removal
Sorry Apollo, but I ran the MBAM scan 4 times in a row and each time it finds a lot of infected files, but each time it finishes and tells me "L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés" (in English: "The scan completed normally. Click 'Show results' to display all the objects found"), I click "OK" to continue. And then BAM!!! MBAM closes automatically. That's suspicious, isn't it?