Everything posted by lea38

  1. sorry, wrong move. So I was saying that I uninstalled, reinstalled, then uninstalled again avast and ad aware (maybe wrongly) earlier when it stopped working... Right, I'm getting to work
  2. It's going to be complicated not to surf until this is sorted, since I only have one PC, this one... And for Avast and
  3. thanks, don't worry, I'm waiting patiently while browsing malekalmorte's forum on avast, ad aware, etc. I'll go to sleep a little less ignorant tonight... See you in a bit
  4. Re. Here is the report: ComboFix 08-12-18.01 - emily 2008-12-18 23:03:36.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.447.181 [GMT 1:00] Lancé depuis: d:\documents and settings\emily\Bureau\lea38.exe * Un nouveau point de restauration a été créé
Data\m\shared\BMP2000 4.00.28.zip d:\documents and settings\emily\Application Data\m\shared\BT ColorPicker 2.0.zip d:\documents and settings\emily\Application Data\m\shared\C++ Code Export 1.0.0.zip d:\documents and settings\emily\Application Data\m\shared\Channel4 1.0.zip d:\documents and settings\emily\Application Data\m\shared\ChatMan 1.5.zip d:\documents and settings\emily\Application Data\m\shared\Chevron Cars 1.0.0.0.zip d:\documents and settings\emily\Application Data\m\shared\CollTrak 1.1.zip d:\documents and settings\emily\Application Data\m\shared\Color Tuner 1.0.zip d:\documents and settings\emily\Application Data\m\shared\Computing and Information Technology 9.2.zip d:\documents and settings\emily\Application Data\m\shared\Cornucopia 1.1.zip d:\documents and settings\emily\Application Data\m\shared\CPPBackup 1.5.1 build 45.zip d:\documents and settings\emily\Application Data\m\shared\Create A Quiz 5.16.zip d:\documents and settings\emily\Application Data\m\shared\DataThief 1.0.zip d:\documents and settings\emily\Application Data\m\shared\Desktop4ever 1.1.zip d:\documents and settings\emily\Application Data\m\shared\DietMP3 4.03.00.zip d:\documents and settings\emily\Application Data\m\shared\DISQLite3 Pro Edition 1.6.1.zip d:\documents and settings\emily\Application Data\m\shared\DLL Indexer 1.0.zip d:\documents and settings\emily\Application Data\m\shared\DXTBmp 4.00.84.zip d:\documents and settings\emily\Application Data\m\shared\Echo 1.00.0025.zip d:\documents and settings\emily\Application Data\m\shared\EmptyDesk 1.0.1.zip d:\documents and settings\emily\Application Data\m\shared\ENT Server Data Migrator 1.3.12.zip d:\documents and settings\emily\Application Data\m\shared\Euro Millions Manager 1.04J.zip d:\documents and settings\emily\Application Data\m\shared\Face Beauty Rank 1.5.0.zip d:\documents and settings\emily\Application Data\m\shared\File Compare 1.2.0.zip d:\documents and settings\emily\Application Data\m\shared\formEZ 0.7.4.zip 
d:\documents and settings\emily\Application Data\m\shared\Google Icon 1.10.zip d:\documents and settings\emily\Application Data\m\shared\Great Artist - French Artist 1.1.zip d:\documents and settings\emily\Application Data\m\shared\Griddlers Solver 1.3.zip d:\documents and settings\emily\Application Data\m\shared\Hex Editor Pro 1.00.0025.zip d:\documents and settings\emily\Application Data\m\shared\Home Based Business Opportunity 2.6.zip d:\documents and settings\emily\Application Data\m\shared\IISBack 2.2.zip d:\documents and settings\emily\Application Data\m\shared\In Flight Screensaver.zip d:\documents and settings\emily\Application Data\m\shared\Innovative Firewall Manager 2.0.zip d:\documents and settings\emily\Application Data\m\shared\iRenew 2.7.3.14809.zip d:\documents and settings\emily\Application Data\m\shared\Kaspersky.Antivirus.Personal.Pro.v5.0.388.cracked.zip d:\documents and settings\emily\Application Data\m\shared\Kaspersky.å¡å·´æ–¯åŸº.防毒.v5.0.227.防ç«.v1.7.130.最新.2.åˆ.1æ•´åˆ .zip d:\documents and settings\emily\Application Data\m\shared\KoolKode 2.0.zip d:\documents and settings\emily\Application Data\m\shared\LamaHub 0.0.5.2.zip d:\documents and settings\emily\Application Data\m\shared\LingvoSoft Learning PhraseBook 2008 Italian - Albanian 2.3.91.zip d:\documents and settings\emily\Application Data\m\shared\LingvoSoft Suite 2008 English - Korean 2.1.28.zip d:\documents and settings\emily\Application Data\m\shared\LiteWeb 2.7.zip d:\documents and settings\emily\Application Data\m\shared\LittleFunny Mp3 Player 1.0.zip d:\documents and settings\emily\Application Data\m\shared\Logon Script Creator 2.0.2.zip d:\documents and settings\emily\Application Data\m\shared\M Color 9.1.278.0.zip d:\documents and settings\emily\Application Data\m\shared\Magic ASCII Picture Convert 1.30.zip d:\documents and settings\emily\Application Data\m\shared\MB Free Astrology-Numerology Glossary 1.60.zip d:\documents and settings\emily\Application 
Data\m\shared\McAfee.GroupShield.v6.0.for.Microsoft.Exchange.crack.zip d:\documents and settings\emily\Application Data\m\shared\MDB Password Recovery 1.0.2.zip d:\documents and settings\emily\Application Data\m\shared\MediaHeal for Removable Disks 1.0.0831.zip d:\documents and settings\emily\Application Data\m\shared\Memory Management System 10.3.zip d:\documents and settings\emily\Application Data\m\shared\Mesh Viewer 0.3.1.zip d:\documents and settings\emily\Application Data\m\shared\Mess Box AR 4.0.0.26.zip d:\documents and settings\emily\Application Data\m\shared\MF Shutdown Manager 0.9.6.zip d:\documents and settings\emily\Application Data\m\shared\MIDCNTIN 1.1.zip d:\documents and settings\emily\Application Data\m\shared\MiMail worm free removal tool 1.0.zip d:\documents and settings\emily\Application Data\m\shared\MING Network Monitor 2.0.zip d:\documents and settings\emily\Application Data\m\shared\MiniSysMon 1.4.zip d:\documents and settings\emily\Application Data\m\shared\MKN MemoryMonitor 2.0.zip d:\documents and settings\emily\Application Data\m\shared\Mr.B's Multiplication 1.0.zip d:\documents and settings\emily\Application Data\m\shared\NetComp Connector 1.14.zip d:\documents and settings\emily\Application Data\m\shared\OfficeFIX Office Data Recovery 6.33.zip d:\documents and settings\emily\Application Data\m\shared\Old File Purger 1.0.1.zip d:\documents and settings\emily\Application Data\m\shared\Open Menu+ Portable 1.5.6.zip d:\documents and settings\emily\Application Data\m\shared\PassMark Rebooter 1.3 build 1002.zip d:\documents and settings\emily\Application Data\m\shared\PlanLink 2.41.zip d:\documents and settings\emily\Application Data\m\shared\plingme 1.02.zip d:\documents and settings\emily\Application Data\m\shared\poedIRC 1.3.41.zip d:\documents and settings\emily\Application Data\m\shared\Portable AcroPad 1.3.2.zip d:\documents and settings\emily\Application Data\m\shared\Powware Visual Programming 1.0.zip d:\documents and 
settings\emily\Application Data\m\shared\Product Finder 1.1.zip d:\documents and settings\emily\Application Data\m\shared\ProSchematic 1.01.014.zip d:\documents and settings\emily\Application Data\m\shared\QMailFilter 2.2.zip d:\documents and settings\emily\Application Data\m\shared\RandomSaver 2.0.3.zip d:\documents and settings\emily\Application Data\m\shared\Registry Fast 4.0.zip d:\documents and settings\emily\Application Data\m\shared\Rental Software 4.12.1.zip d:\documents and settings\emily\Application Data\m\shared\Ripper 2.2.zip d:\documents and settings\emily\Application Data\m\shared\SCDJWS Preparation Kit 6.0.1.zip d:\documents and settings\emily\Application Data\m\shared\Screen Movie Studio 1.25.zip d:\documents and settings\emily\Application Data\m\shared\ScripTrap 1.03.zip d:\documents and settings\emily\Application Data\m\shared\SF Maskerade 3.3.zip d:\documents and settings\emily\Application Data\m\shared\Shift 1.0.0.0.zip d:\documents and settings\emily\Application Data\m\shared\Sidebar Preview 1.0.0.0.zip d:\documents and settings\emily\Application Data\m\shared\Sound Postcard 1.02.zip d:\documents and settings\emily\Application Data\m\shared\Spytech PrivacyAgent 4.00.04.zip d:\documents and settings\emily\Application Data\m\shared\SUMo 2.3.8.64.zip d:\documents and settings\emily\Application Data\m\shared\Symantec.Norton.Internet.Security.2006.(Italiano).+.Istruzioni.+.Serial+att ivazione-FUNGE100%.zip d:\documents and settings\emily\Application Data\m\shared\SysMetrix 3.41.zip d:\documents and settings\emily\Application Data\m\shared\The Green Search Widget 0.1.zip d:\documents and settings\emily\Application Data\m\shared\The Ultimate Troubleshooter 4.84.zip d:\documents and settings\emily\Application Data\m\shared\Validaty 1.4.1.zip d:\documents and settings\emily\Application Data\m\shared\VBdocman 2.25.zip d:\documents and settings\emily\Application Data\m\shared\Visual Paradigm for UML (Community Edition) 6.3 SP1.zip d:\documents and 
settings\emily\Application Data\m\shared\Webcpp 1.3.7.zip d:\documents and settings\emily\Application Data\m\shared\Websites Cop - Automatic File Disinfector 1.0.0.zip d:\documents and settings\emily\Application Data\m\shared\WebTidy 1.00.003.zip d:\documents and settings\emily\Application Data\m\shared\WinBPFix 1.0.zip d:\documents and settings\emily\Application Data\m\shared\Windows Installer 4.5 SDK.zip d:\documents and settings\emily\Application Data\m\shared\Winter Reflections Screensaver 1.0.zip d:\documents and settings\emily\Application Data\m\shared\WordDocDiff.zip d:\documents and settings\emily\Application Data\m\shared\WordMaestro 1.51.zip d:\documents and settings\emily\Application Data\m\shared\Work At Home Moms Masters Course 1.0.zip d:\documents and settings\emily\Application Data\m\shared\World Cup Screensaver 1.02.zip d:\documents and settings\emily\Application Data\m\shared\World Display Wallpaper Manager 0.2.1 Beta.zip d:\documents and settings\emily\Application Data\m\shared\World Woe 1.0.zip d:\documents and settings\emily\Application Data\m\shared\wwiTV 1.zip d:\documents and settings\emily\Application Data\m\shared\Yahoo Photo Album Downloader 2.6.1.6.zip d:\documents and settings\emily\Application Data\m\shared\Yeti's Shirt.Woot 1.1.zip d:\documents and settings\emily\Application Data\m\shared\ZModeler 2.1.0 Build 940.zip d:\documents and settings\emily\Application Data\m\srvlist.oct . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA -------\Legacy_SK9OU0S -------\Service_sK9Ou0s ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-18 au 2008-12-18 )))))))))))))))))))))))))))))))))))) . 2008-12-18 22:03 . 2008-12-18 22:26 <REP> d-------- c:\program files\trend micro 2008-12-18 22:00 . 2008-12-18 22:00 <REP> d-------- C:\rsit 2008-12-17 23:02 . 
2008-12-18 23:16 <REP> d--h----- d:\documents and settings\emily\Application Data\drivers 2008-12-10 16:31 . 2008-12-10 16:31 54,156 --ah----- c:\windows\QTFont.qfn 2008-12-10 16:31 . 2008-12-10 16:31 1,409 --a------ c:\windows\QTFont.for . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-18 20:55 218,112 ----a-w d:\documents and settings\emily\HijackThis.exe 2008-12-18 14:23 --------- d-----w c:\program files\Lavasoft 2008-12-18 14:19 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard 2008-12-18 13:10 --------- d-----w c:\program files\Azureus 2008-12-18 13:09 --------- d-----w d:\documents and settings\All Users\Application Data\WinZip 2008-12-17 21:52 --------- d-----w c:\program files\eMule 2008-12-17 21:44 --------- d-----w d:\documents and settings\emily\Application Data\Skype 2008-12-15 14:45 --------- d-----w c:\program files\Lx_cats 2008-12-11 22:22 --------- d-----w d:\documents and settings\emily\Application Data\Azureus 2008-12-04 21:30 --------- d-----w c:\program files\Fichiers communs\Adobe 2008-11-17 17:09 3,713,997 ----a-w c:\windows\system32\drivers\fwdrv.err 2008-11-02 17:54 --------- d-----w d:\documents and settings\All Users\Application Data\CyberLink 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll 2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-08-06 07:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008080620080807\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2006-10-31 204843] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496] "Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2008-12-18 90112] "PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576] "lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2005-05-05 200704] "EzPrint"="c:\program files\Lexmark 2300 Series\ezprint.exe" [2005-06-08 94208] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-05-03 299008] "LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022] 
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648] "LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-06-07 35328] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-10-11 98304] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-10-11 180269] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "LXCGCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 69632] "SoundMan"="SOUNDMAN.EXE" [2005-05-17 c:\windows\SOUNDMAN.EXE] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264] d:\documents and settings\emily\Menu D‚marrer\Programmes\D‚marrage\ Outil de notification Live Search.lnk - d:\documents and settings\emily\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-07-30 143360] d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-15 67128] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm "msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm "msacm.mpegacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm "vidc.mxmc"= MimicICM.DLL "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%ProgramFiles%\\AOL 9.0\\aol.exe"= "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"= "%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\APPS\\Inventime\\my.exe"= "c:\\WINDOWS\\system32\\lxcgcoms.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624] R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-10-11 799744] S2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 1234480] S4 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000] . Contenu du dossier 'Tâches planifiées' 2008-12-18 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-Skype - c:\apps\skype\phone\Skype.exe . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.msn.fr/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = localhost uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - d:\documents and settings\emily\Application Data\Mozilla\Firefox\Profiles\r9rqc6cj.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.msn.fr/ FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q= FF - plugin: c:\program files\Mozilla Firefox\plugins\NPStreamPlug.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ATTENTION: FIREFOX POLICES IS IN FORCE c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", false); . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-18 23:21:11 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCGCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MysqlInventime] "ImagePath"="c:\apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\Inventime\mysql\my.ini MysqlInventime" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(528) c:\windows\system32\Ati2evxx.dll . ------------------------ Autres processus actifs ------------------------ . c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\system32\wdfmgr.exe c:\apps\Powercinema\Kernel\TV\CLSched.exe c:\apps\ABOARD\AOSD.EXE d:\documents and settings\emily\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe c:\windows\system32\lxcgcoms.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2008-12-18 23:28:38 - La machine a redémarré ComboFix-quarantined-files.txt 2008-12-18 22:28:30 Avant-CF: 15,539,879,936 octets libres Après-CF: 15,220,822,016 octets libres 768 --- E O F --- 2008-12-11 10:01:19
  5. Well, that one won't run either when I double-click on lea.exe, still the same error message: "........... is not a valid Win32 application"
  6. Good evening Thanos, and thanks for taking on my case. It's off to a bad start, though: after "continue" (and a progress bar) nothing happens. I tried again and was able to accept the license, then nothing... or an error message. Another problem: I can no longer boot into safe mode, in case it's needed. Thanks, see you later
  7. Good evening everyone. I'm coming back to you because I need a hand. I think it's an infection; then again, I downloaded a zip file and ran an application (I have only myself to blame...) and since then it's been chaos. The computer kept crashing on me; after a lot of tinkering (safe mode, trying a system restore...) Avast, Ad-Aware, Power Cinema... nothing worked any more, including VLC and Winamp... which I got working again thanks to the help... But what really bothers me is that I can no longer watch TV, because Power Cinema tells me there is no TV device :P Is there a kind soul here who could help me sort all this out? Do I need to post a HijackThis report? (done in safe mode, I imagine, because right now it doesn't work) Thanks in advance to everyone. Have a good evening. Lea38
  8. Here it is:
C:\WINDOWS\system32\LXPMONRC.DLL |11/12/2005 21:42:59 C:\WINDOWS\system32\LXPMONUI.DLL |11/12/2005 21:43:19 C:\WINDOWS\system32\LXPRMON.DLL |11/12/2005 21:43:19 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06 C:\WINDOWS\system32\MEM32D20.dll |15/02/2007 22:26:51 C:\WINDOWS\system32\MimicICM.dll |12/05/2006 22:26:47 C:\WINDOWS\system32\mlcorert.dll |15/02/2007 21:39:38 C:\WINDOWS\system32\msdmo.dll |16/08/2004 17:40:40 C:\WINDOWS\system32\msencode.dll |16/08/2004 17:40:40 C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 20:46:58 C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 04:53:58 C:\WINDOWS\system32\pncrt.dll |11/10/2005 20:01:58 C:\WINDOWS\system32\pndx5016.dll |11/10/2005 20:01:58 C:\WINDOWS\system32\pndx5032.dll |11/10/2005 20:01:58 C:\WINDOWS\system32\PsisDecd.dll |11/10/2005 19:51:44 C:\WINDOWS\system32\Px.dll |19/10/2004 16:56:36 C:\WINDOWS\system32\pxdrv.dll |06/05/2005 01:01:00 C:\WINDOWS\system32\pxmas.dll |19/10/2004 16:55:44 C:\WINDOWS\system32\pxsfs.dll |08/06/2006 20:22:34 C:\WINDOWS\system32\PxWave.dll |19/10/2004 16:55:16 C:\WINDOWS\system32\PXWMA.dll |25/03/2004 10:30:40 C:\WINDOWS\system32\QCUI.dll |10/12/2002 18:05:52 C:\WINDOWS\system32\qedwipes.dll |16/08/2004 17:40:58 C:\WINDOWS\system32\rmoc3260.dll |11/10/2005 20:01:59 C:\WINDOWS\system32\roboex32.dll |11/10/2005 20:01:45 C:\WINDOWS\system32\RtlCPAPI.dll |11/10/2005 19:52:29 C:\WINDOWS\system32\SAGEPERS.DLL |15/02/2007 21:39:40 C:\WINDOWS\system32\sbe.dll |16/08/2004 17:41:02 C:\WINDOWS\system32\slbcsp.dll |16/08/2004 17:41:05 C:\WINDOWS\system32\slbiop.dll |16/08/2004 17:41:05 C:\WINDOWS\system32\slbrccsp.dll |16/08/2004 17:41:05 C:\WINDOWS\system32\Snadosql.dll |15/02/2007 22:26:52 C:\WINDOWS\system32\SNFORM32.DLL |15/02/2007 22:26:51 C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\spr32d60.dll |15/02/2007 22:26:52 C:\WINDOWS\system32\sprio600.dll |23/08/2001 
17:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\spxcoins.dll |16/08/2004 17:55:15 C:\WINDOWS\system32\ss32d25.dll |15/02/2007 22:26:51 C:\WINDOWS\system32\tab32d20.dll |15/02/2007 22:26:51 C:\WINDOWS\system32\tsd32.dll |16/08/2004 17:41:16 C:\WINDOWS\system32\umloader.dll |07/01/2004 01:01:00 C:\WINDOWS\system32\unzip32.dll |11/10/2005 20:01:09 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\VXBLOCK.dll |20/05/2004 01:00:00 C:\WINDOWS\system32\win87em.dll |16/08/2004 17:41:22 C:\WINDOWS\system32\_psisdecd.dll |11/10/2005 20:12:49 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\WINDOWS\system32 05/08/2004 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 22 272 360 448 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\WINDOWS\Downloaded Program Files 13/01/2007 19:00 <REP> . 13/01/2007 19:00 <REP> .. 
16/08/2004 18:08 65 desktop.ini 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 24/01/2005 12:38 1 249 erma.inf 25/07/2002 17:05 172 032 isusweb.dll 08/08/2006 12:45 576 kavwebscan.inf 11/12/2006 17:44 367 LegitCheckControl.inf 7 fichier(s) 395 473 octets Total des fichiers listés : 7 fichier(s) 395 473 octets 2 Rép(s) 22 272 360 448 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCGCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes ABBYY FineReader 6.0 Sprint Ad-Aware SE Personal Adobe Reader 7.0.8 - Français Archiveur WinRAR avast! 
Antivirus AVG Anti-Spyware 7.5 Codeur Windows Media Série 9 Comptabilité Correctif pour Windows XP (KB914440) Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 eMule eMusic - 50 Free MP3 offer Gestion commerciale Google Toolbar for Internet Explorer HijackThis 1.99.1 Hotfix for Windows XP (KB915865) Immobilisations IncrediMail Xe J2SE Runtime Environment 5.0 Update 2 J2SE Runtime Environment 5.0 Update 6 Kaspersky On-line Scanner Kaspersky Online Scanner Kit de Connexion Alice ADSL Language pack for Ad-Aware SE Lecteur Windows Media 10 Lexmark 2300 Series Logitech Desktop Messenger Logitech Desktop Messenger Logitech IM Video Companion Logitech ImageStudio Macromedia Flash Player 8 Macromedia Shockwave Player Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 SR-1 Premium Microsoft Visual J# .NET Redistributable Package 1.1 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step 
Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP 
(KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB931836) Moyens de Paiement MP3 Player Utilities MSXML 4.0 SP2 (KB927978) NoSpam 0.5.32 Panneau de contrôle ATI QALITEL 
logigramme Realtek AC'97 Audio Sage Pilote Saisie de caisse décentralisée Security Update for Microsoft .NET Framework 2.0 (KB922770) Security Update pour Microsoft .NET Framework 2.0 (KB917283) Skype 2.0 Solutions de télécopie Lexmark Sonic MyDVD Sonic RecordNow! Suivi de trésorerie 100 Sunbelt Kerio Personal Firewall VideoLAN VLC media player 0.8.4a WebFldrs XP Winamp (remove only) Windows Defender Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format Runtime WinZip Yahoo! Install Manager Yahoo! Toolbar Yahoo! Toolbar Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files 27/03/2007 21:18 <REP> . 27/03/2007 21:18 <REP> .. 11/12/2005 21:44 <REP> Abbyy FineReader 6.0 Sprint 02/11/2005 20:34 <REP> Adobe 19/04/2006 20:50 <REP> Alice 08/04/2006 21:44 <REP> Alwil Software 02/11/2005 20:34 <REP> AMD 02/11/2005 20:34 <REP> ComPlus Applications 02/11/2005 20:34 <REP> CyberLink 12/05/2006 22:31 <REP> directx 17/03/2007 21:00 <REP> eMule 15/02/2007 21:54 <REP> Fichiers communs 15/02/2007 22:12 <REP> GecoMaes 02/11/2005 20:34 <REP> GMixon 28/10/2006 16:15 <REP> Google 11/01/2007 19:28 <REP> Grisoft 15/02/2007 22:29 <REP> ImmoMaes 16/11/2006 19:55 <REP> IncrediMail 14/02/2007 08:15 <REP> Internet Explorer 26/04/2006 18:14 <REP> Java 08/04/2006 22:25 <REP> Lavasoft 02/11/2005 20:34 <REP> Learn2.com 11/12/2005 21:42 <REP> Lexmark 2300 Series 11/12/2005 21:43 <REP> Lexmark Fax Solutions 12/05/2006 22:26 <REP> Logitech 27/03/2007 20:49 <REP> Lx_cats 15/02/2007 21:40 <REP> Maestria 02/11/2005 20:37 <REP> Messenger 02/11/2005 20:34 <REP> microsoft frontpage 11/12/2005 21:15 <REP> Microsoft Office 11/12/2005 21:19 <REP> Microsoft Visual Studio 15/02/2007 22:17 <REP> MopaMaes 02/11/2005 20:37 <REP> Movie Maker 20/05/2006 19:52 <REP> MP3 Player Utilities 
02/11/2005 20:34 <REP> MSN 02/11/2005 20:34 <REP> MSN Gaming Zone 04/07/2006 18:17 <REP> MSN Messenger 16/11/2006 08:48 <REP> MSXML 4.0 02/11/2005 20:37 <REP> NetMeeting 02/11/2005 20:37 <REP> Online Services 15/12/2006 08:53 <REP> Outlook Express 02/11/2005 20:37 <REP> QuickTime 02/11/2005 20:34 <REP> Real 11/04/2006 21:22 <REP> ReflexiveArcade 15/02/2007 21:52 <REP> Sage 15/02/2007 22:14 <REP> SCDMaes 02/11/2005 20:38 <REP> Services en ligne 02/11/2005 20:34 <REP> Sonic 16/01/2007 20:46 <REP> StofWare 08/04/2006 22:08 <REP> Sunbelt Software 02/11/2005 20:34 <REP> Ulead Systems 08/04/2006 22:47 <REP> VideoLAN 02/11/2005 20:34 <REP> Viewpoint 01/11/2006 18:43 <REP> Winamp 06/01/2007 00:01 <REP> Windows Defender 02/11/2005 20:34 <REP> Windows Media Components 06/05/2006 10:50 <REP> Windows Media Player 02/11/2005 20:38 <REP> Windows NT 23/11/2006 21:00 <REP> WinRAR 06/01/2007 00:41 <REP> WinZip 02/11/2005 20:34 <REP> xerox 20/03/2006 22:11 <REP> Yahoo! 0 fichier(s) 0 octets 62 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files\fichiers communs 15/02/2007 21:54 <REP> . 15/02/2007 21:54 <REP> .. 
15/02/2007 21:54 <REP> Adobe 19/11/2006 14:20 <REP> AOL 11/12/2005 21:19 <REP> Designer 02/11/2005 20:34 <REP> InstallShield 02/11/2005 20:34 <REP> Java 12/05/2006 22:30 <REP> Logitech 12/12/2005 22:51 <REP> Microsoft Shared 02/11/2005 20:34 <REP> MSSoap 02/11/2005 20:34 <REP> Nullsoft 02/11/2005 20:34 <REP> ODBC 02/11/2005 20:34 <REP> Real 15/02/2007 22:29 <REP> SAGE 02/11/2005 20:36 <REP> Services 02/11/2005 20:36 <REP> Sonic Shared 02/11/2005 20:34 <REP> SpeechEngines 02/11/2005 20:36 <REP> SureThing Shared 08/04/2006 22:02 <REP> Symantec Shared 15/12/2006 08:53 <REP> System 02/11/2005 20:34 <REP> Ulead Systems 02/11/2005 20:34 <REP> xing shared 0 fichier(s) 0 octets 22 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 11/12/2005 21:19 <REP> . 11/12/2005 21:19 <REP> .. 18/05/2001 15:57 561 209 MSONSEXT.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 4 fichier(s) 1 405 156 octets 2 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 3 fichier(s) 333 824 octets 0 Rép(s) 22 272 905 216 octets libres C:\WINDOWS\System32/drivers\fwdrv.err -->27/03/2007 21:38:27 C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 19:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 19:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 01:56:13 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 01:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 01:51:58 C:\WINDOWS\System32/drivers\AvgAsCln.sys -->05/09/2006 18:03:16 C:\WINDOWS\System32\wpa.dbl -->31/03/2007 09:13:26 C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 20:15:41 
XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP 
(KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB931836) Moyens de Paiement MP3 Player Utilities MSXML 4.0 SP2 (KB927978) NoSpam 0.5.32 Panneau de contrôle ATI QALITEL logigramme Realtek AC'97 Audio Sage Pilote Saisie de caisse décentralisée Security Update for Microsoft .NET Framework 2.0 (KB922770) Security Update pour Microsoft .NET Framework 2.0 (KB917283) Skype 2.0 Solutions de télécopie Lexmark Sonic MyDVD Sonic RecordNow! Suivi de trésorerie 100 Sunbelt Kerio Personal Firewall VideoLAN VLC media player 0.8.4a WebFldrs XP Winamp (remove only) Windows Defender Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format Runtime WinZip Yahoo! Install Manager Yahoo! Toolbar Yahoo! Toolbar Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files 27/03/2007 21:18 <REP> . 27/03/2007 21:18 <REP> .. 
11/12/2005 21:44 <REP> Abbyy FineReader 6.0 Sprint 02/11/2005 20:34 <REP> Adobe 19/04/2006 20:50 <REP> Alice 08/04/2006 21:44 <REP> Alwil Software 02/11/2005 20:34 <REP> AMD 02/11/2005 20:34 <REP> ComPlus Applications 02/11/2005 20:34 <REP> CyberLink 12/05/2006 22:31 <REP> directx 17/03/2007 21:00 <REP> eMule 15/02/2007 21:54 <REP> Fichiers communs 15/02/2007 22:12 <REP> GecoMaes 02/11/2005 20:34 <REP> GMixon 28/10/2006 16:15 <REP> Google 11/01/2007 19:28 <REP> Grisoft 15/02/2007 22:29 <REP> ImmoMaes 16/11/2006 19:55 <REP> IncrediMail 14/02/2007 08:15 <REP> Internet Explorer 26/04/2006 18:14 <REP> Java 08/04/2006 22:25 <REP> Lavasoft 02/11/2005 20:34 <REP> Learn2.com 11/12/2005 21:42 <REP> Lexmark 2300 Series 11/12/2005 21:43 <REP> Lexmark Fax Solutions 12/05/2006 22:26 <REP> Logitech 27/03/2007 20:49 <REP> Lx_cats 15/02/2007 21:40 <REP> Maestria 02/11/2005 20:37 <REP> Messenger 02/11/2005 20:34 <REP> microsoft frontpage 11/12/2005 21:15 <REP> Microsoft Office 11/12/2005 21:19 <REP> Microsoft Visual Studio 15/02/2007 22:17 <REP> MopaMaes 02/11/2005 20:37 <REP> Movie Maker 20/05/2006 19:52 <REP> MP3 Player Utilities 02/11/2005 20:34 <REP> MSN 02/11/2005 20:34 <REP> MSN Gaming Zone 04/07/2006 18:17 <REP> MSN Messenger 16/11/2006 08:48 <REP> MSXML 4.0 02/11/2005 20:37 <REP> NetMeeting 02/11/2005 20:37 <REP> Online Services 15/12/2006 08:53 <REP> Outlook Express 02/11/2005 20:37 <REP> QuickTime 02/11/2005 20:34 <REP> Real 11/04/2006 21:22 <REP> ReflexiveArcade 15/02/2007 21:52 <REP> Sage 15/02/2007 22:14 <REP> SCDMaes 02/11/2005 20:38 <REP> Services en ligne 02/11/2005 20:34 <REP> Sonic 16/01/2007 20:46 <REP> StofWare 08/04/2006 22:08 <REP> Sunbelt Software 02/11/2005 20:34 <REP> Ulead Systems 08/04/2006 22:47 <REP> VideoLAN 02/11/2005 20:34 <REP> Viewpoint 01/11/2006 18:43 <REP> Winamp 06/01/2007 00:01 <REP> Windows Defender 02/11/2005 20:34 <REP> Windows Media Components 06/05/2006 10:50 <REP> Windows Media Player 02/11/2005 20:38 <REP> Windows NT 23/11/2006 21:00 
<REP> WinRAR 06/01/2007 00:41 <REP> WinZip 02/11/2005 20:34 <REP> xerox 20/03/2006 22:11 <REP> Yahoo! 0 fichier(s) 0 octets 62 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files\fichiers communs 15/02/2007 21:54 <REP> . 15/02/2007 21:54 <REP> .. 15/02/2007 21:54 <REP> Adobe 19/11/2006 14:20 <REP> AOL 11/12/2005 21:19 <REP> Designer 02/11/2005 20:34 <REP> InstallShield 02/11/2005 20:34 <REP> Java 12/05/2006 22:30 <REP> Logitech 12/12/2005 22:51 <REP> Microsoft Shared 02/11/2005 20:34 <REP> MSSoap 02/11/2005 20:34 <REP> Nullsoft 02/11/2005 20:34 <REP> ODBC 02/11/2005 20:34 <REP> Real 15/02/2007 22:29 <REP> SAGE 02/11/2005 20:36 <REP> Services 02/11/2005 20:36 <REP> Sonic Shared 02/11/2005 20:34 <REP> SpeechEngines 02/11/2005 20:36 <REP> SureThing Shared 08/04/2006 22:02 <REP> Symantec Shared 15/12/2006 08:53 <REP> System 02/11/2005 20:34 <REP> Ulead Systems 02/11/2005 20:34 <REP> xing shared 0 fichier(s) 0 octets 22 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 11/12/2005 21:19 <REP> . 11/12/2005 21:19 <REP> .. 18/05/2001 15:57 561 209 MSONSEXT.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 4 fichier(s) 1 405 156 octets 2 Rép(s) 22 272 905 216 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est F411-D926 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 3 fichier(s) 333 824 octets 0 Rép(s) 22 272 905 216 octets libres
  9. Hello Malekal Morte, and thanks for taking care of me. So now I understand better what is happening to me; I had downloaded webmediaplayer, all happy to have a few extra channels... I imagine I'm going to have to remove it? And by the way, I also downloaded Incredimail (I no longer know where from) to replace Outlook; is that bad? Because since I've had it I've been getting weird spam (viagra, etc.). Right, I'll stop telling you my life story, and here are my reports:
Search Navipromo version 1.0.8 commencé le 02/04/2007 à 18:45:40,60 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis D:\Documents and Settings\emily\Bureau Mise a jour le 26.03.2007 a 08h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans D:\Documents and Settings\emily\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR ====================================== Copyright 2005-2006 F-Secure Corporation. All rights reserved. This is a beta version. It will expire on 1st of April, 2007. Version information: 2.2.1055. [+] Started on 04/02/07 at 18:45:45. [-] ERROR: This version of F-Secure BlackLight has expired. [+] Exited on 04/02/07 at 18:45:45 (return code = 3). 
*** Recherche fichiers *** *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control *** Module de recherche complémentaire *** (recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * ** *** **** ***** ****** ******* ******** *** Analyse Terminé le 02/04/2007 à 18:46:03,40 *** Logfile of HijackThis v1.99.1 Scan saved at 18:46:50, on 02/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\apps\ABoard\ABoard.exe C:\Program Files\Lexmark 2300 Series\lxcgmon.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Lexmark 2300 Series\ezprint.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\APPS\skype\phone\Skype.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\MSN 
Messenger\MsnMsgr.Exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\lxcgcoms.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\WINDOWS\system32\notepad.exe D:\Documents and Settings\emily\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.incredimail.com/french R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! 
Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra 
button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: LXCGCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
  10. OK, but for the navilog scan, do I run it in safe mode or normal mode? And do I need to disconnect for each scan? Thanks, see you later
  11. Hi Bruce Lee. Here are the reports: cleanavi, AVG and HijackThis. However, there were a few problems, such as: "step 3/ Start / Control Panel / Add or Remove Programs and check for the presence of: Starware. If this program is present, uninstall it." There is no program by that name, and "step 7/ Delete what is in bold: C:\Program Files\ Starware<== the whole folder". Not found either. So I don't know whether I missed an episode or what...
Clean Navipromo version 1.0.8 commencé le 27/03/2007 à 21:42:10,76 Fix lancé depuis D:\Documents and Settings\emily\Bureau Mise a jour le 26.03.2007 a 08h00 by IL-MAFIOSO Executé en mode sans echec Mode suppression automatique avec prise en charge résultats Blacklight *** fsbl1.txt non trouvé *** (Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche) *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans D:\Documents and Settings\emily\Application Data *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu D:\Documents and Settings\emily\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre réalisée avec succès ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** 1)Recherche fichiers connus: 2)Recherche et Suppression Heuristique : * ** *** **** ***** ****** ******* ******** *** Nettoyage termine le 27/03/2007 à 21:44:03,54 *** --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 07:36:06 28/03/2007 + Résultat de l'analyse: D:\Documents and Settings\emily\Cookies\emily@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. 
D:\Documents and Settings\emily\Cookies\emily@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@ehg-cogemag.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé. 
Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 21:44:42, on 27/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe D:\Documents and Settings\emily\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.incredimail.com/french R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! 
  12. Here it is:
  13. Hi Bruce Lee, thanks for your quick reply. Here is the report:
  14. Here are my scan reports (I had forgotten them)
  15. Hello, I am having problems again with Winantispyware, which keeps pestering me to download it, plus others of the same kind. Could someone help me? I don't dare redo the same steps as last time without some advice. Here are my HijackThis and F-Secure reports, in case someone is willing to analyze them for me. Thanks in advance
  16. Hi Bruce Lee, first of all, I no longer get pop-ups when I'm on IE, and I thank you for that, it's great!!! However, I keep receiving shady messages offering me pharmacy products (Viagra, Xanax, Valium...) or designer bags... at least 2 a day, which clutters my mailbox quite a bit. Still, I notice that I've been receiving far fewer since the last steps you had me do, but there must still be something left somewhere.... Do you know whether others have had the same problem as me? And whether anything can be done about it? Thanks in advance. See you later
  17. Coucou Bruce lee Je t'envoie le rapport de kapersky, il est hyper long mais bon A part ça j'espère qu'on a eut ce satané virus, et au fait tu sais pas comment je l'ai attrappé ? et si j'ai pu le refiler à d'autres ?, j'espère pas ...Et c'est vrai que déjà là j'ai plus de fenetres qui s'ouvrent, c'est cool quand ça s'arrete.... UN GRAND MERCI pour ton aide précieuse @ + KASPERSKY ON-LINE SCANNER REPORT Saturday, January 13, 2007 6:45:32 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 13/01/2007 Enregistrements dans la base antivirus Kaspersky : 243732 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail C:\ D:\ E:\ G:\ H:\ I:\ J:\ Statistiques de l'analyse Total d'objets analysés 65822 Nombre de virus trouvés 0 Nombre d'objets infectés 0 / 0 Nombre d'objets suspects 0 Durée de l'analyse 00:33:52 Nom de l'objet infecté Nom du virus Dernière action C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal L'objet est verrouillé ignoré 
      Analyse terminée.
  18. Hello Bruce lee, here is the BlackLight report. See you, and thanks again for your help... (I hope we'll manage to beat it)
      01/13/07 14:43:00 [info]: BlackLight Engine 1.0.55 initialized
      01/13/07 14:43:00 [info]: OS: 5.1 build 2600 (Service Pack 2)
      01/13/07 14:43:00 [Note]: 7019 4
      01/13/07 14:43:00 [Note]: 7005 0
      01/13/07 14:43:07 [Note]: 7006 0
      01/13/07 14:43:07 [Note]: 7011 1560
      01/13/07 14:43:08 [Note]: 7026 0
      01/13/07 14:43:08 [Note]: 7026 0
      01/13/07 14:43:17 [Note]: FSRAW library version 1.7.1021
      01/13/07 14:46:11 [Note]: 2000 1012
      01/13/07 14:46:11 [Note]: 2000 1012
  19. Hi again. Small problem: I don't have a logs folder in C:\!killbox!, so there's no text file to copy... What do I do? See you. PS: I'm sending you the HijackThis report just in case...
  20. Hi Bruce lee, that's it, I've just finished all the steps; it kept me busy for a while... but I didn't run into any particular problem. AVG found 18 infected files... So I wasn't imagining things. On the other hand, I don't know how I managed to catch them, eMule maybe...; I do have Avast, Kerio and Ad-Aware, but to be honest I don't understand any of it; maybe they're badly configured? Can you enlighten me? Well, for now I'm sending you the reports, and I'm crossing my fingers that you'll save my computer. See you,
      ---------------------------------------------------------
      AVG Anti-Spyware - Rapport d'analyse
      ---------------------------------------------------------
      + Créé à: 20:40:53 11/01/2007
      + Résultat de l'analyse:
      D:\Documents and Settings\emily\Cookies\emily@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@com[1].txt -> TrackingCookie.Com : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@banner.grandonline[2].txt -> TrackingCookie.Grandonline : Nettoyé.
      D:\Documents and Settings\emily\Cookies\emily@grandonline[2].txt -> TrackingCookie.Grandonline : Nettoyé.
D:\Documents and Settings\emily\Cookies\emily@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé. D:\Documents and Settings\emily\Cookies\emily@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 20:52:33, on 11/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Lexmark 2300 Series\lxcgmon.exe C:\Program Files\Lexmark 2300 Series\ezprint.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Grisoft\AVG Anti-Spyware 
7.5\avgas.exe C:\APPS\skype\phone\Skype.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\lxcgcoms.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe D:\Documents and Settings\emily\Bureau\eradiquer win\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.incredimail.com/french R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe" O4 - HKLM\..\Run: [FaxCenterServer] 
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - 
  21. Hello Bruce lee, and a big thank you for answering me. I did what you said and I'm sending you copies of the two reports (hijackthis and F-Secure).
      There you go, see you later, and thanks again.
  22. Hello everyone, and HELP!!!! Apparently I'm not the only one having problems with winantispyware2006, which keeps harassing me to download it, plus all these other windows that open and slow everything down, plus strange e-mails in my inbox, and my antivirus that I regularly have to reactivate manually. I'm really afraid my computer is already badly infected. I don't know what to do. If someone could help me kill it; I saw that some people managed to get rid of it, but it looks super complicated....