djn

Bonsoir , Voilà, j'ai esssayé d'installer FindyKill de El Desaparecido mais sans succès. J'arrive à l'installer sur mon pc portable mais pas sur mon ordi infecté comment puis -je procéder? Merci d'avance pour l'aide que tu m'apportes; Bien à toi Djn

RE, Voilà ,ce qu'il m'indique C:\Documents and setting\HP_Propriètaire.NOM-EB\Bureau\Toolbar SD.exe n'est pas une application Win 32 valide. Merci Bien à toi Djn

Bonjour, J'ai télécharger Toolbar SD et en l'éxecutant il m'indique exe n'est pas une application valide. Je voulais juste te signialer que je suis Sur XP Merci de m'aider ,je suis perdu. Bien à toi Djn

bonsoir Apollo, Voilà , je n'arrive pas à faire les téléchargement des liens que tu m'as donné, il m'indique une ereur quand je les ouvre.Je me permets de te rappeler que je n'y connais rien en informatique pourrrais-tu m'aider S.T.P.Merci. Bien à toi Djn

Bonsoir , Voilà, je vous explique , je ne suis pas douée en informatique. Il y a déjà quelques jours que mon pc est lent et qu'il démarre une fois sur 2. Aujourd'hui, je viens d'installer avast et il me signiale qu'il a un cheval de toie qui a été bloquée mais il ne s'arrête pas de le signialer.Pourriez-vous m'aider ? Merci d'avance Voici le rapport HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:47:24, on 29/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\WINDOWS\system32\HerculesWiFiService.exe C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hercules\WiFiStationN\WiFiN.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 01net informatique high-tech : actu, produits, téléchargement logiciels et jeux R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar2.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMServ

bonsoir, Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:08:29, on 10/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wscntfy.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: WindowsDriver - Unknown owner - C:\WINDOWS\system32\spool.exe (file missing) -- End of file - 11039 bytesvoici le rapport hijackthis: pour le kapersky ,je n'y arrive pas a faire l'analyse,il me demande 1 code d'accès. merci

bonjour, oké,j'ai compris, merci: Avira AntiVir Personal Date de création du fichier de rapport : lundi 26 janvier 2009 01:43 La recherche porte sur 1274799 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :NOM-EB85C523610 Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36 ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14/01/2009 00:37:07 ANTIVIR2.VDF : 7.1.1.172 958464 Bytes 23/01/2009 00:37:09 ANTIVIR3.VDF : 7.1.1.176 35328 Bytes 25/01/2009 00:37:09 Version du moteur: 8.2.0.60 AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56 AESCRIPT.DLL : 8.1.1.32 340347 Bytes 26/01/2009 00:37:14 AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38 AEPACK.DLL : 8.1.3.5 393588 Bytes 26/01/2009 00:37:14 AEOFFICE.DLL : 8.1.0.33 196987 Bytes 26/01/2009 00:37:13 AEHEUR.DLL : 8.1.0.86 1552759 Bytes 26/01/2009 00:37:12 AEHELP.DLL : 8.1.2.0 119159 Bytes 26/01/2009 00:37:11 AEGEN.DLL : 8.1.1.10 323957 Bytes 26/01/2009 00:37:10 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56 AECORE.DLL : 8.1.5.2 172405 Bytes 26/01/2009 00:37:10 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : lundi 26 janvier 2009 01:43 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'jucheck.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpsysdrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'ALCXMNTR.EXE' - '1' module(s) sont contrôlés Processus de recherche 'WLLoginProxy.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'kbd.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpqste08.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'CLSched.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés Processus de recherche 'spool.exe' - '1' module(s) sont contrôlés Module infecté -> 'C:\WINDOWS\system32\spool.exe' Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'RealOneMessageCenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'CLMLServer.exe' - '1' module(s) sont contrôlés Processus de recherche 'CLCapSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'CalCheck.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'apdproxy.exe' - '1' module(s) sont contrôlés Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés Processus de recherche 'dragdiag.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpwuSchd2.exe' - '1' module(s) sont contrôlés Processus de recherche 'PCMService.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés Le processus 'spool.exe' est arrêté C:\WINDOWS\system32\spool.exe [RESULTAT] Contient le cheval de Troie TR/Dldr.Banload.CH.52 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49ec0842.qua' ! '54' processus ont été contrôlés avec '53' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '56' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <HP_PAVILION> C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Documents and Settings\HP_Propriétaire\Incomplete\Preview-T-5745425-100 Chansons Francaises - Pauline - Allo le monde.mp3 [RESULTAT] Contient le modèle de détection de l'exploit EXP/ASF.GetCodec.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49e208e3.qua' ! C:\Documents and Settings\HP_Propriétaire\Incomplete\T-3545425-leona lewis - forgive me .mp3 [RESULTAT] Contient le modèle de détection de l'exploit EXP/ASF.GetCodec.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49b008a2.qua' ! C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GL0H0P99\_freescan[1].htm [RESULTAT] Contient le modèle de détection du virus de script Java JS/FakeAlert.abf [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49ef2296.qua' ! C:\Documents and Settings\HP_Propriétaire\Shared\100 Chansons Francaises - Pauline - Allo le monde.mp3 [RESULTAT] Contient le modèle de détection de l'exploit EXP/ASF.GetCodec.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49ad43ed.qua' ! C:\Lop SD\Backup-Lop\LopScript\WINDOWS\system32\taskmg.exe --> Object [1] Type d'archive: RSRC --> Object [RESULTAT] Contient le cheval de Troie TR/Dldr.Banload.CH.52 [RESULTAT] Contient le cheval de Troie TR/Dldr.Delphi.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49f04455.qua' ! C:\Program Files\support.com\vault\ie\IEDefaultHomePage.vbs\13373_5aff06491_ [0] Type d'archive: CAB (Microsoft) --> IEDefaultHomePage.vbs [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49b04682.qua' ! C:\Program Files\support.com\vault\ie\IEDefaultHomePage.vbs\13419_58e17d088_ [0] Type d'archive: CAB (Microsoft) --> IEDefaultHomePage.vbs [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49b14688.qua' ! C:\Program Files\Trend Micro\HijackThis\backups\backup-20090122-220315-957.dll [RESULTAT] Contient le cheval de Troie TR/Fakealert.auc.6 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49e046c8.qua' ! Recherche débutant dans 'D:\' <HP_RECOVERY> Fin de la recherche : lundi 26 janvier 2009 06:34 Temps nécessaire: 4:51:12 Heure(s) La recherche a été effectuée intégralement 9217 Les répertoires ont été contrôlés 405105 Des fichiers ont été contrôlés 9 Des virus ou programmes indésirables ont été trouvés 2 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 9 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 405092 Fichiers non infectés 16065 Les archives ont été contrôlées 6 Avertissements 9 Consignes

bonsoir, voila les rapports;merci;A+++ ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:14:06, on 24/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spool.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\svhist.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: WindowsDriver - Unknown owner - C:\WINDOWS\system32\spool.exe -- End of file - 10409 bytes --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ ) BIOS : Phoenix - Award BIOS v6.00PG USER : HP_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.0 [VPS 090101-0] 4.8.0 (Activated) Firewall : Norton Internet Worm Protection 2006 (Not Activated) C:\ (Local Disk) - NTFS - Total:227 Go (Free:207 Go) D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [4] ( sam. 24/01/2009|21:08 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script C:\WINDOWS\system32\taskmg.exe \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\WINDOWS\system32\taskmg.exe Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\nstmp Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertstream[2].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[1].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[1].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.cotedazurpalace[1].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[1].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@partypoker[2].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@banner.32vegas[2].txt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/01/2009|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [20/06/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [12/05/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic [13/01/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [13/01/2009|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [21/11/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7 [18/12/2008|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender [07/04/2006|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [06/10/2006|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix [13/01/2009|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [14/12/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [07/04/2006|01:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [07/04/2006|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [12/01/2009|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [30/08/2008|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/12/2006|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [16/12/2006|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [07/04/2006|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [07/04/2006|01:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [28/09/2006|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com [12/02/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft [11/02/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [10/01/2009|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [11/10/2006|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems [10/12/2006|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [13/10/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [26/03/2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [27/01/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [07/04/2006|02:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/04/2006|01:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [14/12/2008|00:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe [17/03/2007|18:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM [13/01/2009|23:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer [21/11/2007|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVG7 [05/12/2006|19:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdefender [01/07/2006|10:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink [06/10/2006|20:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Droppix [24/11/2007|17:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google [14/12/2007|21:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Grisoft [03/03/2007|12:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Groove Games [06/10/2006|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help [21/11/2007|19:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hemera [03/11/2007|20:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP [05/10/2006|20:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ [26/10/2005|23:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities [15/07/2007|12:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Image Zone Express [01/07/2006|12:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech [26/10/2006|20:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia [12/01/2009|14:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes [04/11/2007|12:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft [30/10/2007|19:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla [06/12/2006|16:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies [12/05/2007|09:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NCH Swift Sound [14/12/2008|11:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real [25/06/2008|19:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Shareaza [30/03/2008|20:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Shareaza(2) [16/02/2008|17:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SolwaySoftware [01/07/2006|12:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic [30/09/2006|12:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun [11/10/2006|17:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems [16/02/2008|14:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Uniblue [21/11/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7 [21/11/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [21/11/2007|19:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [21/11/2007|16:04] C:\DOCUME~1\noorine\APPLIC~1\Bitdefender [21/11/2007|19:06] C:\DOCUME~1\noorine\APPLIC~1\Microsoft [21/11/2007|19:06] C:\DOCUME~1\noorine\APPLIC~1\Real --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [14/01/2009 19:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [30/03/2008 19:59][--a------] C:\WINDOWS\tasks\Internet Services.job [11/01/2009 14:43][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job [16/02/2008 14:43][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job [16/10/2007 13:48][--a------] C:\WINDOWS\tasks\Connexion facile … Internet.job [24/01/2009 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 12:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [20/06/2007|22:07] C:\Program Files\Adobe [17/11/2006|17:40] C:\Program Files\Alwil Software [10/01/2009|18:54] C:\Program Files\Angle Interactive [16/08/2006|10:01] C:\Program Files\Anuman Interactive [13/01/2009|23:26] C:\Program Files\Apple Software Update [16/12/2008|08:53] C:\Program Files\Autodesk Network License Manager [12/02/2007|20:35] C:\Program Files\Belgacom [13/01/2009|23:28] C:\Program Files\Bonjour [17/10/2006|19:21] C:\Program Files\CartaGoGo [15/04/2007|22:15] C:\Program Files\City Interactive [21/06/2007|21:50] C:\Program Files\Common Files [20/10/2005|20:06] C:\Program Files\ComPlus Applications [07/04/2006|01:50] C:\Program Files\CyberLink [08/03/2008|19:46] C:\Program Files\DIFX [02/04/2008|13:03] C:\Program Files\eMule [13/01/2009|23:26] C:\Program Files\Fichiers communs [21/11/2007|19:06] C:\Program Files\Focus Multimedia [14/01/2009|00:37] C:\Program Files\Google [14/12/2007|21:12] C:\Program Files\Grisoft [07/04/2006|02:12] C:\Program Files\Hewlett-Packard [07/04/2006|01:49] C:\Program Files\HP [15/10/2006|11:31] C:\Program Files\Illustrate [11/01/2009|22:59] C:\Program Files\InstallShield Installation Information [11/12/2008|11:11] C:\Program Files\Internet Explorer [13/01/2009|23:28] C:\Program Files\iPod [13/01/2009|23:28] C:\Program Files\iTunes [20/01/2009|21:09] C:\Program Files\Java [18/01/2009|10:52] C:\Program Files\LimeWire [12/01/2009|14:02] C:\Program Files\Malwarebytes' Anti-Malware [19/12/2008|17:38] C:\Program Files\Messenger [21/11/2007|19:06] C:\Program Files\Micro Application [30/03/2008|20:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [26/10/2005|23:36] C:\Program Files\microsoft frontpage [27/10/2008|19:51] C:\Program Files\Microsoft Silverlight [11/10/2006|17:48] C:\Program Files\Mingjong [19/12/2008|17:34] C:\Program Files\Movie Maker [10/01/2009|16:14] C:\Program Files\Mozilla Firefox [14/05/2007|20:15] C:\Program Files\MP3 To Wave Maker Plus [26/10/2005|23:36] C:\Program Files\MSN [27/12/2006|22:44] C:\Program Files\MSN Apps [26/10/2005|23:36] C:\Program Files\MSN Gaming Zone [20/12/2008|10:32] C:\Program Files\MSN Messenger [23/11/2006|20:37] C:\Program Files\MSXML 4.0 [07/04/2006|01:53] C:\Program Files\muvee Technologies [12/05/2007|09:59] C:\Program Files\NCH Swift Sound [19/12/2008|17:30] C:\Program Files\NetMeeting [26/10/2005|23:36] C:\Program Files\Online Services [19/12/2008|17:30] C:\Program Files\Outlook Express [08/03/2008|19:46] C:\Program Files\Packard Bell MP3 [17/07/2007|23:12] C:\Program Files\Phototool [13/01/2009|23:28] C:\Program Files\QuickTime [07/04/2006|01:46] C:\Program Files\Real [07/04/2006|02:01] C:\Program Files\Services en ligne [25/06/2008|19:58] C:\Program Files\Shareaza [30/03/2008|20:02] C:\Program Files\Shareaza(2) [11/12/2006|21:23] C:\Program Files\Softwin [07/04/2006|01:48] C:\Program Files\Sonic [07/10/2006|02:52] C:\Program Files\Sony [07/10/2006|02:52] C:\Program Files\Sony Setup [09/01/2008|23:00] C:\Program Files\Sunbelt Software [28/09/2006|16:39] C:\Program Files\support.com [21/11/2007|17:41] C:\Program Files\TEC-IT [16/12/2006|20:18] C:\Program Files\Thomson [12/12/2007|10:41] C:\Program Files\Trend Micro [11/10/2006|17:49] C:\Program Files\Ulead Systems [20/10/2005|20:06] C:\Program Files\Uninstall Information [06/10/2006|18:05] C:\Program Files\VirtualDJ [07/10/2006|02:52] C:\Program Files\Vstplugins [26/03/2008|20:53] C:\Program Files\Windows Live [12/12/2007|11:17] C:\Program Files\Windows Live Favorites [12/12/2007|11:17] C:\Program Files\Windows Live Toolbar [11/10/2006|17:48] C:\Program Files\Windows Media Components [18/03/2007|15:03] C:\Program Files\Windows Media Connect 2 [19/12/2008|17:30] C:\Program Files\Windows Media Player [19/12/2008|17:30] C:\Program Files\Windows NT [20/10/2005|20:05] C:\Program Files\WindowsUpdate [26/10/2005|23:37] C:\Program Files\xerox [27/01/2007|21:55] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [20/06/2007|22:07] C:\Program Files\Fichiers communs\Adobe [13/01/2009|23:28] C:\Program Files\Fichiers communs\Apple [07/04/2006|01:34] C:\Program Files\Fichiers communs\Hewlett-Packard [07/04/2006|01:40] C:\Program Files\Fichiers communs\HP [30/05/2007|18:20] C:\Program Files\Fichiers communs\InstallShield [07/04/2006|01:20] C:\Program Files\Fichiers communs\Java [12/12/2007|11:17] C:\Program Files\Fichiers communs\LightScribe [26/10/2005|23:35] C:\Program Files\Fichiers communs\Microsoft Shared [26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap [26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC [14/12/2008|10:59] C:\Program Files\Fichiers communs\Real [26/10/2005|23:35] C:\Program Files\Fichiers communs\Services [16/01/2007|08:39] C:\Program Files\Fichiers communs\Softwin [07/04/2006|01:47] C:\Program Files\Fichiers communs\Sonic Shared [26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines [12/02/2007|20:35] C:\Program Files\Fichiers communs\Supportsoft [07/04/2006|01:47] C:\Program Files\Fichiers communs\SureThing Shared [11/02/2007|21:17] C:\Program Files\Fichiers communs\Symantec Shared [19/12/2008|17:30] C:\Program Files\Fichiers communs\System [07/04/2006|01:48] C:\Program Files\Fichiers communs\TiVo Shared [30/03/2008|20:03] C:\Program Files\Fichiers communs\WindowsLiveInstaller [14/12/2008|11:00] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 52 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-24 21:09:24 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 13 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\HP_PRO~1\Local Settings\Temporary Internet Files\Content.IE5\EK9NGIEJ\sharon_stone_p_diddy_is_on_crack[1].jpg [F:226][D:10]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp [F:255][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies [F:16157][D:23]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - sam. 24/01/2009|21:11 - Option : [4] --------------------\\ Fin du rapport a 21:11

re, qu'est ce que je dois faire avec ça? C:\WINDOWS\system32\taskmg.exe bon je crois que j'ai fait ce que tu m'as dit appollo escuse-moi si j'ai oublié quelque chose, je ne m'y connais pas bien, merci, pour ta patience

bonsoir, voila le rapport: ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:57:38, on 22/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spool.exe C:\WINDOWS\system32\taskmg.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\svhist.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Research - {0B014B81-4E12-46F9-806F-55867AF8FD3C} - C:\WINDOWS\system32\winsystems.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: WindowsDriver - Unknown owner - C:\WINDOWS\system32\spool.exe -- End of file - 10664 bytes Thanks

bonsoir, voici le rapport (désolé cela appris du temps) merci de ton aide, a bientot. JavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Jan 20 21:09:40 2009 Found and removed: C:\Program Files\Java\j2re1.4.2_04 Found and removed: C:\Program Files\Java\jre1.5.0_09 Found and removed: C:\Windows\System32\jpicpl32.cpl Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4 Found and removed: Software\JavaSoft\Java2D\1.5.0_05 Found and removed: Software\JavaSoft\Java2D\1.5.0_11 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\JavaPlugin.150_05 Found and removed: SOFTWARE\Classes\JavaPlugin.150_11 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142040} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\Installer\Products\8A0F841731866D117AB7000B0D410204 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410204 Found and removed: SOFTWARE\Classes\JavaPlugin.142_04 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_04 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\JavaPlugin.142_04 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\ ------------------------------------ Finished reporting.

désoléLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:33:04, on 12/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Research - {0B014B81-4E12-46F9-806F-55867AF8FD3C} - C:\WINDOWS\system32\winsystems.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - AppInit_DLLs: doqjvg.dll gqxdvl.dll xsjfwg.dll O20 - Winlogon Notify: xxyxUkjG - xxyxUkjG.dll (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8929 bytes distraite, voila le rapport apres redemarrage,

voila, les rapports -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ ) BIOS : Phoenix - Award BIOS v6.00PG USER : HP_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.0 [VPS 090101-0] 4.8.0 (Activated) Firewall : Norton Internet Worm Protection 2006 (Not Activated) C:\ (Local Disk) - NTFS - Total:227 Go (Free:209 Go) D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( lun. 12/01/2009|15:17 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (HP_Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=60327" "CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - dim. 11/01/2009|23:31 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - lun. 12/01/2009|13:58 - Option : [2] 3 - "C:\ToolBar SD\TB_3.txt" - lun. 12/01/2009|15:17 - Option : [2] -----------\\ Fin du rapport a 15:17:58,75la, ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:28:46, on 12/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wscntfy.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Research - {0B014B81-4E12-46F9-806F-55867AF8FD3C} - C:\WINDOWS\system32\winsystems.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - AppInit_DLLs: doqjvg.dll gqxdvl.dll xsjfwg.dll O20 - Winlogon Notify: xxyxUkjG - xxyxUkjG.dll (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8931 bytes

bonjour : voila les 3 rapports; Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:07:08, on 12/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wscntfy.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Research - {0B014B81-4E12-46F9-806F-55867AF8FD3C} - C:\WINDOWS\system32\winsystems.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - AppInit_DLLs: doqjvg.dll gqxdvl.dll xsjfwg.dll O20 - Winlogon Notify: xxyxUkjG - xxyxUkjG.dll (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8929 bytes Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1645 Windows 5.1.2600 Service Pack 3 12/01/2009 15:00:38 mbam-log-2009-01-12 (15-00-38).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|) Eléments examinés: 129335 Temps écoulé: 26 minute(s), 12 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 5 Clé(s) du Registre infectée(s): 17 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 55 Processus mémoire infecté(s): C:\Program Files\Antivirus 2009\av2009.exe (Rogue.Antivirus 2009) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\WINDOWS\system32\pgbbibpj.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\wvUmMggD.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\doqjvg.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\gqxdvl.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\xsjfwg.dll (Trojan.Vundo) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76f265a8-f811-4879-8f8a-d0befccd641b} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{76f265a8-f811-4879-8f8a-d0befccd641b} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d034d37b-8e5b-4f48-9b87-2341134c31e4} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d034d37b-8e5b-4f48-9b87-2341134c31e4} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ba317125-fc24-41ac-bf6b-6b42f26d1994} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{df297cc3-2143-4038-8e3e-e1f61cc3f524} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d034d37b-8e5b-4f48-9b87-2341134c31e4} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{76f265a8-f811-4879-8f8a-d0befccd641b} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup (Trojan.Zlob) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\09028ece (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\40544111869750915561668694527133 (Rogue.Antivirus 2009) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wvummggd -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvummggd -> Delete on reboot. Dossier(s) infecté(s): C:\Program Files\Antivirus 2009 (Rogue.Antivirus 2009) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\wvUmMggD.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\DggMmUvw.ini (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\DggMmUvw.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xsjfwg.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\edlnldpx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xpdlnlde.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jgrhvcnk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kncvhrgj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kesmxxaa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\aaxxmsek.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pgbbibpj.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\jpbibbgp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rlfbrdff.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ffdrbflr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\twhutaac.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\caatuhwt.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vnuilwuu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\uuwliunv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\doqjvg.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\gqxdvl.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\mgpavxvd.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\agnsxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\bdlich.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbsyxbco.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dkxmgjow.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hdoikyuq.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hevkchfx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ieupdates.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iyutioiv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\khfGvuSm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kjlkyoal.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kmbmkfmv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ncescu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\owxxjj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\oxlwyr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pvfypjtb.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qyjblsix.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rqRliGYo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rssijt.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\scemufeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\scui.cpl (Rogue.XPantivirus) -> Quarantined and deleted successfully. C:\WINDOWS\system32\srqdimam.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tmfgmv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\uhnxprqp.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wgmjlo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\woyogemh.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xnaxyste.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayyXOFX.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yeuehdml.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ymqdfhhm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Program Files\Antivirus 2009\av2009.exe (Rogue.Antivirus 2009) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\byXPFUKe.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcDTMEx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayxvWPH.dll (Trojan.Vundo) -> Quarantined and deleted successfully

bonsoir , merci pour ton aide,voici le rapport demandé ,merci d'avance: -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ ) BIOS : Phoenix - Award BIOS v6.00PG USER : HP_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.0 [VPS 090101-0] 4.8.0 (Activated) Firewall : Norton Internet Worm Protection 2006 (Not Activated) C:\ (Local Disk) - NTFS - Total:227 Go (Free:209 Go) D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( dim. 11/01/2009|23:29 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\WINDOWS\iun6002.exe C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml -----------\\ Extensions (HP_Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=60327" "CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327" --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\DggMmUvw.ini C:\WINDOWS\system32\DggMmUvw.ini2 C:\WINDOWS\system32\wvUmMggD.dll ==> VUNDO <== --------------------\\ ROGUES .. C:\PROGRA~1\Antivirus 2009 1 - "C:\ToolBar SD\TB_1.txt" - dim. 11/01/2009|23:31 - Option : [1] -----------\\ Fin du rapport a 23:31:26,82

salut, tout d'abord bonne année ,a tous,voila j'ai un probleme avec mon pc, il bloque pendant que je surf puis plus moyen de continue ni a surfer,ni a l'éteindre,de plus de puis quelques jours des pubs qui apparraissent.voila j'ai fais un rapport c'est tous ce que je sais faire pourriez-vous m'aide svp, merci d'avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:25:37, on 7/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\CameraFixer.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: CyberLink PowerCinema O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://noorine01.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1171301581721 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O20 - AppInit_DLLs: doqjvg.dll gqxdvl.dll O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 11275 bytes

re, voila , j'ai suivie les instructions mais il n'y a pas le fichier donc je n'ai pas sus le désinstaller comment je pourrais pro céder. pour le virus qui restecomment l'éradier.merci.

re, voici le rapport, un petit probleme ,j'ai un program que je veux deinstaller winsos mais je n'y arrive pas a chaque fois il m'indique qu'il n'arrive pas atrouvé la source comment je peux proceder pour le supprime merci de ton aide a bientot. KASPERSKY ONLINE SCANNER REPORT Sunday, January 06, 2008 7:20:23 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 6/01/2008 Kaspersky Anti-Virus database records: 503089 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ H:\ I:\ J:\ K:\ Scan Statistics Total number of scanned objects 87702 Number of viruses found 1 Number of infected objects 2 Number of suspicious objects 0 Duration of the scan process 01:41:54 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11022007-223422.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture01.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture02.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture03.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture04.jpg.41b29522.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture05.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture06.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture07.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture08.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture09.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture10.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EA73186.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\402F5FD7.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{F9C9E535-F170-4FE4-8E67-9DDEFDAB83F0} Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012008010620080107\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\hpodvd09.log Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\_hphtra07.log Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP7\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\bdss.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped C:\WINDOWS\Temp\sqlite_DdNrS2h7wAz6AR9 Object is locked skipped C:\WINDOWS\Temp\tmp0000603b\tmp00000000 Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

re, voici le rapport: C:\Documents and Settings\HP_Propriétaire\Application Data\setup_fr[1].exe moved successfully.

re, merci pour info, voila le rapport Thursday, December 27, 2007 9:00:05 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 26/12/2007 Kaspersky Anti-Virus database records: 494953 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ H:\ I:\ J:\ K:\ Scan Statistics Total number of scanned objects 86316 Number of viruses found 5 Number of infected objects 20 Number of suspicious objects 0 Duration of the scan process 01:29:20 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11022007-223422.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture01.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture02.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture03.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture04.jpg.41b29522.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture05.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture06.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture07.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture08.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture09.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture10.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EA73186.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\402F5FD7.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Application Data\setup_fr[1].exe Infected: not-a-virus:Downloader.Win32.WinFixer.cc skipped C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012007122620071227\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000089.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000089.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000089.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000089.exe WiseSFX: infected - 3 skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000089.exe WiseSFXDropper: infected - 3 skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000095.exe Infected: Trojan-Downloader.Win32.Agent.dwe skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000096.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000096.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000096.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000096.exe WiseSFX: infected - 3 skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000096.exe WiseSFXDropper: infected - 3 skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000103.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000115.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000115.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000115.exe RarSFX: infected - 2 skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000121.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\A0000138.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\bdss.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped C:\WINDOWS\Temp\sqlite_FBIIeZ7V4ffmDiq Object is locked skipped C:\WINDOWS\Temp\tmp00000c08\tmp00000000 Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\change.log Object is locked skipped Scan process completed. @+

Bonsoir' bruce lee, je voudrais te poser une question comment faire pour trouver ce fichier et le mettre dans la corbeille merc iiiiiiiiiiiiiiiiiiii de ton aide djn

re, voici les rapports: KASPERSKY ONLINE SCANNER REPORT Tuesday, December 25, 2007 1:06:33 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 25/12/2007 Kaspersky Anti-Virus database records: 493349 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ H:\ I:\ J:\ K:\ Scan Statistics Total number of scanned objects 84201 Number of viruses found 5 Number of infected objects 26 Number of suspicious objects 0 Duration of the scan process 01:36:31 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11022007-223422.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture01.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture02.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture03.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture04.jpg.41b29522.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture05.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture06.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture07.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture08.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture09.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\muvee Technologies30625\dscrp\Sample_Picture10.jpg.41b29524.mpd Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EA73186.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\402F5FD7.par Infected: Trojan-Downloader.WMA.Wimad.d skipped C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Application Data\setup_fr[1].exe Infected: not-a-virus:Downloader.Win32.WinFixer.cc skipped C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{9CA7F516-9CCC-4653-8ACA-A8CA069C484B} Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012007122520071226\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\hpodvd09.log Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\_hphtra07.log Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\Mes documents\setup_fr.exe Infected: not-a-virus:Downloader.Win32.WinFixer.cc skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc38.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc38.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc38.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc38.exe WiseSFX: infected - 3 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc38.exe WiseSFXDropper: infected - 3 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc48\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc50\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\Navilog1.zip/Navilog1.exe/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\Navilog1.zip/Navilog1.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\Navilog1.zip ZIP: infected - 2 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc51\SmitfraudFix.exe RarSFX: infected - 2 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc57\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc57\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc57\SmitfraudFix.zip ZIP: infected - 1 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc58\BearShareV6int.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc58\BearShareV6int.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc58\BearShareV6int.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc58\BearShareV6int.exe WiseSFX: infected - 3 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc58\BearShareV6int.exe WiseSFXDropper: infected - 3 skipped C:\RECYCLER\S-1-5-21-4043045673-3118007569-3466283886-1008\Dc62\WinBuninstaller.exe Infected: Trojan-Downloader.Win32.Agent.dwe skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP1\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\bdss.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped C:\WINDOWS\Temp\sqlite_GL1Plaz2PvmUZrD Object is locked skipped C:\WINDOWS\Temp\tmp00002879\tmp00000000 Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. File/Folder :\Documents and Settings\HP_Propriétaire\Application Data\WinButler not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Bureau\degats tempete\jedba\latifa\BearShareV6int.exe not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Bureau\SmitfraudFix not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\41KLU7WL\Navilog1[1].zip not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\OH6J4P2N\SmitfraudFix[1].exe not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WZLBIM71\SmitfraudFix[1].zip not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\Navilog1.zip not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\Navilog1.zip not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\SmitfraudFix not found. File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\SmitfraudFix.exe not found. File/Folder C:\Program Files\Navilog1 not found. Created on 12/25/2007 13:13:51